Skip to main content
CVE-2016-4957 HIGH PATCH Act Now

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 59.1%.

Denial Of Service Null Pointer Dereference Ntp Solaris Manager Proxy +6
NVD
CVSS 3.1
7.5
EPSS
59.1%
CVE-2016-4953 HIGH PATCH Act Now

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.6%.

Denial Of Service Authentication Bypass Ntp Solaris Manager +9
NVD
CVSS 3.1
7.5
EPSS
13.6%
CVE-2016-4954 HIGH PATCH This Week

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Race Condition Denial Of Service Ntp Solaris Manager +9
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2016-4955 MEDIUM PATCH This Month

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Ntp Solaris Manager Proxy +7
NVD
CVSS 3.1
5.9
EPSS
1.7%
CVE-2016-5099 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Phpmyadmin Opensuse
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-4956 MEDIUM This Month

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ntp Solaris Manager Proxy Openstack Cloud +6
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2016-5097 MEDIUM PATCH This Month

phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Opensuse Phpmyadmin
NVD GitHub
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-5098 MEDIUM PATCH This Month

Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Phpmyadmin Opensuse
NVD GitHub
CVSS 3.0
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy