|
268241
|
8.8 |
HIGH
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM)…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-9426
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268242
|
8.8 |
HIGH
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9425
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268243
|
8.8 |
HIGH
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9424
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268244
|
8.8 |
HIGH
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9423
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268245
|
8.8 |
HIGH
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9422
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268246
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. When the arg_separator is different from its default & value, the CSRF token was not properly stripped from the return URL of the preference import action. All …
|
CWE-352
Origin Validation Error
|
CVE-2016-9866
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268247
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.…
|
CWE-254
CWE-502
7PK - Security Features
Deserialization of Untrusted Data
|
CVE-2016-9865
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268248
|
7.5 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are aff…
|
CWE-20
Improper Input Validation
|
CVE-2016-9863
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268249
|
7.5 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.
|
CWE-94
Code Injection
|
CVE-2016-9862
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268250
|
7.5 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.…
|
CWE-254
7PK - Security Features
|
CVE-2016-9861
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
