|
265871
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
|
CWE-415
Double Free
|
CVE-2016-3132
|
2024-11-21 11:49 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265872
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly hav…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-3078
|
2024-11-21 11:49 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265873
|
7.8 |
HIGH
Local
|
debian
linux
|
debian_linux
linux_kernel
|
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of …
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-3070
|
2024-11-21 11:49 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265874
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortimanager_firmware
fortianalyzer_firmware
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3196
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265875
|
6.1 |
MEDIUM
Network
|
redhat
|
satellite
|
Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data.
|
CWE-79
Cross-site Scripting
|
CVE-2016-3097
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265876
|
6.1 |
MEDIUM
Network
|
redhat
|
satellite
|
Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters,…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3080
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265877
|
6.5 |
MEDIUM
Network
|
mit
|
kerberos_5
|
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-3120
|
2024-11-21 11:49 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265878
|
5.4 |
MEDIUM
Network
|
oracle
|
business_intelligence
|
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidenti…
|
NVD-CWE-noinfo
|
CVE-2016-3433
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265879
|
5.4 |
MEDIUM
Network
|
oracle
|
business_intelligence_publisher
|
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and …
|
NVD-CWE-noinfo
|
CVE-2016-3432
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265880
|
4.9 |
MEDIUM
Network
|
oracle
|
mysql
|
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
|
NVD-CWE-noinfo
|
CVE-2016-3424
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
