Skip to main content
CVE-2016-5365 CRITICAL Act Now

Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Huawei Honor Ws851 Firmware
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2016-5338 HIGH PATCH This Week

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Denial Of Service Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-5367 HIGH This Week

Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors, aka HWPSIRT-2016-05053. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huawei Honor Ws851 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-5366 HIGH This Week

Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor Ws851 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-5337 MEDIUM PATCH This Month

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-5238 MEDIUM PATCH This Month

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Buffer Overflow Qemu Ubuntu Linux +1
NVD
CVSS 3.1
4.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy