|
266551
|
6.5 |
MEDIUM
Network
|
yandex
|
yandex_browser
|
Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for pr…
|
CWE-254
7PK - Security Features
|
CVE-2016-8508
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266552
|
6.5 |
MEDIUM
Network
|
yandex
|
yandex_browser
|
Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video …
|
CWE-200
Information Exposure
|
CVE-2016-8507
|
2024-11-21 11:59 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266553
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary cod…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8715
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266554
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and t…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-8389
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266555
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-8388
|
2024-11-21 11:59 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266556
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8387
|
2024-11-21 11:59 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266557
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search th…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8386
|
2024-11-21 11:59 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266558
|
7.8 |
HIGH
Local
|
iceni
|
argus
|
An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be lef…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8385
|
2024-11-21 11:59 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266559
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain se…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-8636
|
2024-11-21 11:59 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266560
|
5.9 |
MEDIUM
Network
|
dovecot
|
dovecot
|
The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.
|
CWE-20
Improper Input Validation
|
CVE-2016-8652
|
2024-11-21 11:59 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
