|
270151
|
7.5 |
HIGH
Network
|
huawei
|
oceanstor_5800_v3
|
Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets.
|
CWE-399
Resource Management Errors
|
CVE-2016-5822
|
2024-11-21 11:55 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270152
|
9.1 |
CRITICAL
Network
|
libtiff
|
libtiff
|
The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a …
|
CWE-189
Numeric Errors
|
CVE-2016-6223
|
2024-11-21 11:55 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270153
|
9.8 |
CRITICAL
Network
|
ffmpeg
|
ffmpeg
|
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-6164
|
2024-11-21 11:55 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270154
|
7.5 |
HIGH
Network
|
broadcom
|
tcpreplay
|
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.
|
CWE-399
Resource Management Errors
|
CVE-2016-6160
|
2024-11-21 11:55 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270155
|
5.9 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5876
|
2024-11-21 11:55 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270156
|
9.8 |
CRITICAL
Network
|
php
|
pecl_http
|
Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5873
|
2024-11-21 11:55 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270157
|
7.8 |
HIGH
Local
|
netbsd
|
netbsd
|
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on th…
|
CWE-59
Link Following
|
CVE-2016-6253
|
2024-11-21 11:55 |
2017-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270158
|
6.1 |
MEDIUM
Network
|
atlassian
|
confluence
|
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.a…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6283
|
2024-11-21 11:55 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270159
|
7.5 |
HIGH
Network
|
bzrtp_project
|
bzrtp
|
The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.
|
CWE-254
7PK - Security Features
|
CVE-2016-6271
|
2024-11-21 11:55 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270160
|
7.5 |
HIGH
Network
|
call-cc
|
http-client
|
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this …
|
CWE-19
Data Processing Errors
|
CVE-2016-6287
|
2024-11-21 11:55 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
