|
266711
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5256
|
2024-11-21 11:53 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266712
|
7.8 |
HIGH
Local
|
lenovo
|
bios
|
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devi…
|
CWE-254
7PK - Security Features
|
CVE-2016-5247
|
2024-11-21 11:53 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266713
|
8.1 |
HIGH
Network
|
apache
|
zookeeper
|
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command str…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5017
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266714
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortiwan
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the IP parameter to script/statisti…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4969
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266715
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiwan
|
The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request.
|
CWE-200
Information Exposure
|
CVE-2016-4968
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266716
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiwan
|
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCA…
|
CWE-200
Information Exposure
|
CVE-2016-4967
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266717
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiwan
|
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
|
CWE-287
Improper Authentication
|
CVE-2016-4966
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266718
|
8.8 |
HIGH
Network
|
fortinet
|
fortiwan
|
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph param…
|
CWE-78
OS Command
|
CVE-2016-4965
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266719
|
7.5 |
HIGH
Network
|
redhat
oracle
libarchive
|
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_hpc_…
|
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO …
|
CWE-20
Improper Input Validation
|
CVE-2016-4809
|
2024-11-21 11:53 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266720
|
7.3 |
HIGH
Network
|
yokogawa
|
stardom_fcn\/fcj
|
Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of se…
|
CWE-287
Improper Authentication
|
CVE-2016-4860
|
2024-11-21 11:53 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
