|
267441
|
7.5 |
HIGH
Network
|
exponentcms
|
exponent_cms
|
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-7452
|
2024-11-21 11:58 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267442
|
7.5 |
HIGH
Network
|
brocade
|
netiron_os
|
A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8203
|
2024-11-21 11:58 |
2016-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267443
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and …
|
CWE-388
7PK - Errors
|
CVE-2016-7991
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267444
|
9.8 |
CRITICAL
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can resul…
|
CWE-190
CWE-388
Integer Overflow or Wraparound
7PK - Errors
|
CVE-2016-7990
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267445
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the…
|
CWE-254
7PK - Security Features
|
CVE-2016-7989
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267446
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configur…
|
CWE-275
CWE-388
Permission Issues
7PK - Errors
|
CVE-2016-7988
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267447
|
6.5 |
MEDIUM
Network
|
dokuwiki
|
dokuwiki
|
DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. This can lead to phishing attacks. (A remote unauthenticated attacker can cha…
|
CWE-20
Improper Input Validation
|
CVE-2016-7965
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267448
|
8.6 |
HIGH
Network
|
dokuwiki
|
dokuwiki
|
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-7964
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267449
|
7.5 |
HIGH
Network
|
artifex
|
mujs
|
An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-7506
|
2024-11-21 11:58 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267450
|
9.8 |
CRITICAL
Network
|
artifex
|
mujs
|
A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7505
|
2024-11-21 11:58 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
