|
266751
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becau…
|
CWE-200
Information Exposure
|
CVE-2016-8413
|
2024-11-21 11:59 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266752
|
7.5 |
HIGH
Network
|
lenovo
|
thinkserver_firmware
|
Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77.
|
CWE-284
Improper Access Control
|
CVE-2016-8236
|
2024-11-21 11:59 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266753
|
9.8 |
CRITICAL
Network
|
lenovo
|
xclarity_administrator
|
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-8233
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266754
|
6.1 |
MEDIUM
Network
|
ibm
|
advanced_management_module_firmware
|
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows a…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8232
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266755
|
6.5 |
MEDIUM
Network
|
yandex
|
yandex_browser
|
Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for pr…
|
CWE-254
7PK - Security Features
|
CVE-2016-8508
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266756
|
6.5 |
MEDIUM
Network
|
yandex
|
yandex_browser
|
Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video …
|
CWE-200
Information Exposure
|
CVE-2016-8507
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266757
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary cod…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8715
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266758
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and t…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-8389
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266759
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-8388
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266760
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8387
|
2024-11-21 11:59 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
