|
271361
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2360
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271362
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
|
CWE-287
Improper Authentication
|
CVE-2016-2359
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271363
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user account…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2358
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271364
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2357
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271365
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
|
CWE-120
Classic Buffer Overflow
|
CVE-2016-2356
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271366
|
5.5 |
MEDIUM
Local
|
audacityteam
|
audacity
|
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2541
|
2024-11-21 11:48 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271367
|
5.5 |
MEDIUM
Local
|
audacityteam
|
audacity
|
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2540
|
2024-11-21 11:48 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271368
|
6.5 |
MEDIUM
Network
|
pl\/java_project
|
pl\/java
|
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.
|
CWE-269
Improper Privilege Management
|
CVE-2016-2192
|
2024-11-21 11:48 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271369
|
5.9 |
MEDIUM
Network
|
invisioncommunity
|
invision_power_board
|
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board…
|
CWE-331
Insufficient Entropy
|
CVE-2016-2564
|
2024-11-21 11:48 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271370
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.
|
CWE-284
Improper Access Control
|
CVE-2016-2433
|
2024-11-21 11:48 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
