|
265011
|
8.8 |
HIGH
Network
|
adobe
redhat
|
flash_player_for_linux
flash_player
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_desktop
|
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2016-7858
|
2024-11-21 11:58 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265012
|
8.8 |
HIGH
Network
|
adobe
redhat
|
flash_player_for_linux
flash_player
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_desktop
|
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2016-7857
|
2024-11-21 11:58 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265013
|
6.1 |
MEDIUM
Network
|
adobe
|
connect
|
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7851
|
2024-11-21 11:58 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265014
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.
|
CWE-89
SQL Injection
|
CVE-2016-7453
|
2024-11-21 11:58 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265015
|
7.5 |
HIGH
Network
|
exponentcms
|
exponent_cms
|
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-7452
|
2024-11-21 11:58 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265016
|
7.5 |
HIGH
Network
|
brocade
|
netiron_os
|
A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8203
|
2024-11-21 11:58 |
2016-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265017
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and …
|
CWE-388
7PK - Errors
|
CVE-2016-7991
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265018
|
9.8 |
CRITICAL
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can resul…
|
CWE-190
CWE-388
Integer Overflow or Wraparound
7PK - Errors
|
CVE-2016-7990
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265019
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the…
|
CWE-254
7PK - Security Features
|
CVE-2016-7989
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265020
|
7.5 |
HIGH
Network
|
google
|
android
|
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configur…
|
CWE-275
CWE-388
Permission Issues
7PK - Errors
|
CVE-2016-7988
|
2024-11-21 11:58 |
2016-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
