CVSS: 7.1EPSS: 0%CPEs: 108EXPL: 0CVE-2016-1344
https://notcve.org/view.php?id=CVE-2016-1344
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. La implementación de IKEv2 en Cisco IOS hasta la versión 15.6 y IOS XE 3.3 hasta la versión 3.17 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de paquetes fragmentados, también conocido como Bug ID CSCux38417. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2 http://www.securityfocus.com/bid/85311 http://www.securitytracker.com/id/1035382 • CWE-399: Resource Management Errors •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-1489 – Lenovo ShareIT Information Disclosure / Hardcoded Password
https://notcve.org/view.php?id=CVE-2016-1489
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. Lenovo SHAREit en versiones anteriores a 3.2.0 para Windows y SHAREit en versiones anteriores a 3.5.48_ww para Android transfieren archivos en texto plano, lo que permite a atacantes remotos (1) obtener información sensible rastreando la red o (2) llevar a cabo ataques man-in-the-middle (MITM) a través de vectores no especificados. Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities. • http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html http://seclists.org/fulldisclosure/2016/Jan/67 http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities http://www.securityfocus.com/archive/1/537365/100/0/threaded https://support.lenovo.com/us/en/product_security/len_4058 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1491 – Lenovo ShareIT Information Disclosure / Hardcoded Password
https://notcve.org/view.php?id=CVE-2016-1491
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. El hotspot Wifi en Lenovo SHAREit en versiones anteriores a 3.2.0 para Windows, cuando está configurado para recibir archivos, tiene embebida una contraseña de 12345678, lo que facilita a atacantes remotos obtener acceso aprovechando una posición dentro del área de cobertura WLAN. Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities. • http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html http://seclists.org/fulldisclosure/2016/Jan/67 http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities http://www.securityfocus.com/archive/1/537365/100/0/threaded https://support.lenovo.com/us/en/product_security/len_4058 • CWE-255: Credentials Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1492 – Lenovo ShareIT Information Disclosure / Hardcoded Password
https://notcve.org/view.php?id=CVE-2016-1492
The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. El hotspot Wifi en Lenovo SHAREit en versiones anteriores a 3.5.48_ww para Android, cuando está configurado para recibir archivos, no requiere una contraseña, lo que facilita a atacantes remotos obtener acceso aprovechando una posición dentro del área de cobertura WLAN. Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities. • http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html http://seclists.org/fulldisclosure/2016/Jan/67 http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities http://www.securityfocus.com/archive/1/537365/100/0/threaded https://support.lenovo.com/us/en/product_security/len_4058 • CWE-284: Improper Access Control •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1490 – Lenovo ShareIT Information Disclosure / Hardcoded Password
https://notcve.org/view.php?id=CVE-2016-1490
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. El hotspot Wifi en Lenovo SHAREit en versiones anteriores a 3.2.0 para Windows permite a atacantes remotos obtener nombres sensibles de archivo a través de una petición de archivo a /list manipulada. Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities. • http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html http://seclists.org/fulldisclosure/2016/Jan/67 http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities http://www.securityfocus.com/archive/1/537365/100/0/threaded https://support.lenovo.com/us/en/product_security/len_4058 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •