|
270041
|
8.8 |
HIGH
Network
|
fatek
|
automation_fv_designer
automation_pm_designer
|
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5796
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270042
|
7.5 |
HIGH
Network
|
omnimetrix
|
omniview
|
An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the co…
|
CWE-200
Information Exposure
|
CVE-2016-5786
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270043
|
8.6 |
HIGH
Network
|
locusenergy
|
lgate_firmware
|
An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for …
|
CWE-20
Improper Input Validation
|
CVE-2016-5782
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270044
|
7.5 |
HIGH
Network
|
op-tee
libtom
|
op-tee_os
libtomcrypt
|
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes i…
|
CWE-20
Improper Input Validation
|
CVE-2016-6129
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270045
|
5.9 |
MEDIUM
Network
|
openbsd
|
openssh
|
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enu…
|
CWE-200
Information Exposure
|
CVE-2016-6210
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270046
|
7.5 |
HIGH
Network
|
nlnetlabs
|
nsd
|
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
|
CWE-399
Resource Management Errors
|
CVE-2016-6173
|
2024-11-21 11:55 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270047
|
8.6 |
HIGH
Network
|
knot-dns
|
knot_dns
|
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-6171
|
2024-11-21 11:55 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270048
|
7.3 |
HIGH
Local
|
ibm
|
tivoli_storage_manager_fastback
|
IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim's path, an attacker could exploit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5934
|
2024-11-21 11:55 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270049
|
4.7 |
MEDIUM
Local
|
ibm
|
tivoli_storage_manager_for_space_management
|
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
|
CWE-200
Information Exposure
|
CVE-2016-5918
|
2024-11-21 11:55 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270050
|
6.1 |
MEDIUM
Network
|
ibm
|
maximo_for_transportation
maximo_for_utilities
maximo_for_aviation
maximo_for_nuclear_power
maximo_for_energy_optimization
maximo_asset_management
maximo_for_life_sciences
maximo…
|
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5902
|
2024-11-21 11:55 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
