|
266341
|
8.1 |
HIGH
Network
|
invisioncommunity
php
|
invision_power_board
php
|
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.…
|
NVD-CWE-noinfo
|
CVE-2016-6174
|
2024-11-21 11:55 |
2016-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266342
|
5.4 |
MEDIUM
Network
|
huawei
|
public_cloud_solution
|
Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2016-5850
|
2024-11-21 11:55 |
2016-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266343
|
8.1 |
HIGH
Network
|
blue_coat
|
packetshaper_s-series
|
The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use o…
|
CWE-310
Cryptographic Issues
|
CVE-2016-5774
|
2024-11-21 11:55 |
2016-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266344
|
7.8 |
HIGH
Local
|
wecon
|
levistudio
|
Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5781
|
2024-11-21 11:55 |
2016-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266345
|
6.5 |
MEDIUM
Network
|
isc
redhat
|
bind
enterprise_linux
|
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and po…
|
CWE-20
Improper Input Validation
|
CVE-2016-6170
|
2024-11-21 11:55 |
2016-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266346
|
2.5 |
LOW
Local
|
siemens
|
sicam_pas\/pqs
|
Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.
|
CWE-200
Information Exposure
|
CVE-2016-5849
|
2024-11-21 11:55 |
2016-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266347
|
6.7 |
MEDIUM
Local
|
siemens
|
sicam_pas\/pqs
|
Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
|
CWE-255
CWE-200
Credentials Management
Information Exposure
|
CVE-2016-5848
|
2024-11-21 11:55 |
2016-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266348
|
4.7 |
MEDIUM
Local
|
debian
linux
|
debian_linux
linux_kernel
|
Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a c…
|
CWE-362
Race Condition
|
CVE-2016-6130
|
2024-11-21 11:55 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266349
|
7.2 |
HIGH
Network
|
trend_micro
|
deep_discovery_inspector
|
hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename…
|
CWE-20
Improper Input Validation
|
CVE-2016-5840
|
2024-11-21 11:55 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266350
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5839
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
