|
268491
|
7.5 |
HIGH
Network
|
gnu
|
libiberty
|
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
|
CWE-20
Improper Input Validation
|
CVE-2016-6131
|
2024-11-21 11:55 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268492
|
6.5 |
MEDIUM
Network
|
alinto
|
sogo
|
Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of service (memory consumption) via a large number of attempts to upload a large attachment, related to temporary files.
|
CWE-399
Resource Management Errors
|
CVE-2016-6188
|
2024-11-21 11:55 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268493
|
5.5 |
MEDIUM
Local
|
gnome
|
librsvg
|
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6163
|
2024-11-21 11:55 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268494
|
5.9 |
MEDIUM
Network
|
ibm
|
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could …
|
CWE-200
Information Exposure
|
CVE-2016-6116
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268495
|
8.8 |
HIGH
Network
|
ibm
|
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the w…
|
CWE-352
Origin Validation Error
|
CVE-2016-6103
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268496
|
5.3 |
MEDIUM
Network
|
ibm
|
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system.
|
CWE-200
Information Exposure
|
CVE-2016-6099
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268497
|
9.8 |
CRITICAL
Network
|
ibm
|
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
|
CWE-284
Improper Access Control
|
CVE-2016-6095
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268498
|
5.9 |
MEDIUM
Network
|
ibm
|
dashboard_application_services_hub
|
IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerabi…
|
CWE-200
Information Exposure
|
CVE-2016-5935
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268499
|
5.5 |
MEDIUM
Local
|
lepton_project
|
lepton
|
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6238
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268500
|
5.5 |
MEDIUM
Local
|
lepton_project
|
lepton
|
The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-6237
|
2024-11-21 11:55 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
