|
264941
|
9.8 |
CRITICAL
Network
|
emerson
|
liebert_sitescan_web
|
An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior. An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML par…
|
CWE-611
XXE
|
CVE-2016-8348
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264942
|
9.8 |
CRITICAL
Network
|
kabona_ab
|
webdatorcentral
|
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. WDC does not limit authentication attempts that may allow a brute force attack method.
|
CWE-287
Improper Authentication
|
CVE-2016-8347
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264943
|
7.5 |
HIGH
Network
|
moxa
|
edr-810_firmware
|
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log fi…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-8346
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264944
|
3.7 |
LOW
Network
|
honeywell
|
experion_process_knowledge_system
|
An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release…
|
CWE-20
Improper Input Validation
|
CVE-2016-8344
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264945
|
9.8 |
CRITICAL
Network
|
ecava
|
integraxor
|
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's databa…
|
CWE-89
SQL Injection
|
CVE-2016-8341
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264946
|
7.0 |
HIGH
Local
|
bubblewrap_project
|
bubblewrap
|
Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8659
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264947
|
7.4 |
HIGH
Network
|
fortinet
|
fortimanager_firmware
|
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MI…
|
CWE-200
Information Exposure
|
CVE-2016-8495
|
2024-11-21 11:59 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264948
|
7.8 |
HIGH
Local
|
gonitro
|
nitro_pdf_pro
|
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9. A specially crafted PDF file can cause a vulnerability resulting in potent…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8713
|
2024-11-21 11:59 |
2017-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264949
|
7.8 |
HIGH
Local
|
gonitro
|
nitro_pdf_pro
|
A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. …
|
NVD-CWE-noinfo
|
CVE-2016-8711
|
2024-11-21 11:59 |
2017-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264950
|
7.8 |
HIGH
Local
|
gonitro
|
nitro_pdf_pro
|
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential me…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8709
|
2024-11-21 11:59 |
2017-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
