|
264791
|
5.4 |
MEDIUM
Network
|
s9y
|
serendipity
|
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a category or directory name.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9681
|
2024-11-21 12:01 |
2016-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264792
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'. …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2016-9912
|
2024-11-21 12:01 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264793
|
6.5 |
MEDIUM
Local
|
qemu
debian
redhat
|
qemu
debian_linux
openstack
virtualization
|
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process coul…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2016-9911
|
2024-11-21 12:01 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264794
|
3.3 |
LOW
Local
|
qemu
|
qemu
|
Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest use…
|
CWE-200
Information Exposure
|
CVE-2016-9908
|
2024-11-21 12:01 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264795
|
6.5 |
MEDIUM
Local
|
qemu
debian
redhat
|
qemu
debian_linux
openstack
virtualization
|
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2016-9907
|
2024-11-21 12:01 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264796
|
6.1 |
MEDIUM
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Some forms with the parameter geo_zoomlevel_to_found_location in Tiki Wiki CMS 12.x before 12.10 LTS, 15.x before 15.3 LTS, and 16.x before 16.1 don't have the input sanitized, related to tiki-setup.…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9889
|
2024-11-21 12:01 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264797
|
5.5 |
MEDIUM
Local
|
ffmpeg
|
ffmpeg
|
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a cr…
|
CWE-399
Resource Management Errors
|
CVE-2016-9561
|
2024-11-21 12:01 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264798
|
7.8 |
HIGH
Local
|
uclouvain
redhat
|
openjpeg
enterprise_linux
enterprise_linux_for_scientific_computing
enterprise_linux_for_ibm_z_systems
enterprise_linux_for_power_big_endian
|
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-9675
|
2024-11-21 12:01 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264799
|
5.4 |
MEDIUM
Network
|
rapid7
|
nexpose
|
In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag nam…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9757
|
2024-11-21 12:01 |
2016-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264800
|
7.5 |
HIGH
Network
|
joomla
|
joomla\!
|
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a us…
|
CWE-284
Improper Access Control
|
CVE-2016-9838
|
2024-11-21 12:01 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
