|
275611
|
8.1 |
HIGH
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2368
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275612
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server,…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2016-2367
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275613
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-2366
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275614
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A mali…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2365
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275615
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2339
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275616
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
|
NVD-CWE-Other
|
CVE-2016-2337
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275617
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code e…
|
NVD-CWE-Other
|
CVE-2016-2336
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275618
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2198
|
2024-11-21 11:48 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275619
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List B…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2197
|
2024-11-21 11:48 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275620
|
7.8 |
HIGH
Local
|
hp
|
thinpro
|
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2246
|
2024-11-21 11:48 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
