| 266131 | 9.1 | CRITICAL Network | doorkeeper_project | doorkeeper | The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specificat… | CWE-254 7PK - Security Features | CVE-2016-6582 | 2024-11-21 11:56 | 2017-01-24 |
| 266132 | 8.8 | HIGH Network | gopivotal | grails | Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of … | CWE-352 Origin Validation Error | CVE-2016-6521 | 2024-11-21 11:56 | 2017-01-24 |
| 266133 | 9.8 | CRITICAL Network | liferay | liferay | Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp. | CWE-22 Path Traversal | CVE-2016-6517 | 2024-11-21 11:56 | 2017-01-24 |
| 266134 | 6.1 | MEDIUM Network | infoblox | netmri | CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentTyp… | CWE-93 CRLF Injection | CVE-2016-6484 | 2024-11-21 11:56 | 2017-01-24 |
| 266135 | 7.5 | HIGH Network | apache | groovy_ldap | main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all searc… | CWE-254 7PK - Security Features | CVE-2016-6497 | 2024-11-21 11:56 | 2017-01-19 |
| 266136 | 7.5 | HIGH Network | imagemagick | imagemagick | Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds writ… | CWE-190 Integer Overflow or Wraparound | CVE-2016-6823 | 2024-11-21 11:56 | 2017-01-19 |
| 266137 | 7.8 | HIGH Local | samsung | samsung_mobile | The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2016-6527 | 2024-11-21 11:56 | 2017-01-19 |
| 266138 | 7.8 | HIGH Local | samsung | samsung_mobile | The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a … | CWE-264 Permissions, Privileges, and Access Controls | CVE-2016-6526 | 2024-11-21 11:56 | 2017-01-19 |
| 266139 | 7.8 | HIGH Local | google | android | The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL c… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2016-6492 | 2024-11-21 11:56 | 2017-01-13 |
| 266140 | 7.0 | HIGH Local | linux | linux_kernel | An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… | CWE-284 Improper Access Control | CVE-2016-6791 | 2024-11-21 11:56 | 2017-01-13 |