|
268491
|
7.5 |
HIGH
Network
|
brocade
|
network_advisor
|
A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files incl…
|
CWE-22
Path Traversal
|
CVE-2016-8207
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268492
|
7.5 |
HIGH
Network
|
brocade
|
network_advisor
|
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary fi…
|
CWE-22
Path Traversal
|
CVE-2016-8206
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268493
|
9.8 |
CRITICAL
Network
|
brocade
|
network_advisor
|
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious fi…
|
CWE-22
Path Traversal
|
CVE-2016-8205
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268494
|
9.8 |
CRITICAL
Network
|
broadcom
|
brocade_network_advisor
|
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a s…
|
CWE-22
Path Traversal
|
CVE-2016-8204
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268495
|
8.0 |
HIGH
Network
|
brocade
|
virtual_traffic_manager
|
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traff…
|
CWE-352
Origin Validation Error
|
CVE-2016-8201
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268496
|
7.5 |
HIGH
Network
|
ntp
hpe
|
ntp
hpux-ntp
|
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
|
CWE-20
Improper Input Validation
|
CVE-2016-7434
|
2024-11-21 11:58 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268497
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install…
|
CWE-20
Improper Input Validation
|
CVE-2016-7791
|
2024-11-21 11:58 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268498
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/con…
|
CWE-20
Improper Input Validation
|
CVE-2016-7790
|
2024-11-21 11:58 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268499
|
9.8 |
CRITICAL
Network
|
php
|
php
|
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain ar…
|
CWE-416
Use After Free
|
CVE-2016-7479
|
2024-11-21 11:58 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268500
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
clustered_data_ontap
|
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7480
|
2024-11-21 11:58 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
