|
268541
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
|
CWE-416
Use After Free
|
CVE-2016-6892
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268542
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6891
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268543
|
9.8 |
CRITICAL
Network
|
matrixssl
|
matrixssl
|
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6890
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268544
|
6.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authent…
|
CWE-22
Path Traversal
|
CVE-2016-7169
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268545
|
4.8 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7168
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268546
|
9.8 |
CRITICAL
Network
|
veritas
|
netbackup_appliance_firmware
|
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metac…
|
CWE-77
Command Injection
|
CVE-2016-7399
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268547
|
7.5 |
HIGH
Network
|
arista
|
dcs-7050t_eos_software
dcs-7050q_eos_software
dcs-7050s_eos_software
|
Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4.17.0F on DCS-7050 series devices allow remote attackers to cause a denial of service (device reboot) by sending crafted packets …
|
CWE-399
Resource Management Errors
|
CVE-2016-6894
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268548
|
5.3 |
MEDIUM
Network
|
vmware
|
horizon_view
|
Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via …
|
CWE-22
Path Traversal
|
CVE-2016-7087
|
2024-11-21 11:57 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268549
|
7.8 |
HIGH
Local
|
vmware
|
workstation_player
workstation_pro
|
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-7086
|
2024-11-21 11:57 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268550
|
7.8 |
HIGH
Local
|
vmware
|
workstation_player
workstation_pro
|
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via…
|
CWE-426
Untrusted Search Path
|
CVE-2016-7085
|
2024-11-21 11:57 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
