|
266101
|
6.1 |
MEDIUM
Network
|
hiniarata
|
casebook_plugin
|
Cross-site scripting (XSS) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1169
|
2024-11-21 11:45 |
2016-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266102
|
6.1 |
MEDIUM
Network
|
falconsc
|
wisepoint_authenticator
wisepoint
|
The management screen in Falcon WisePoint 4.3.1 and earlier and WisePoint Authenticator 4.1.19.22 and earlier allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2016-1177
|
2024-11-21 11:45 |
2016-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266103
|
6.3 |
MEDIUM
Network
|
sharp
|
eva_animator
|
Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1176
|
2024-11-21 11:45 |
2016-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266104
|
4.3 |
MEDIUM
Network
|
sharp
|
aquos_hn-pp150_firmware
|
Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2016-1175
|
2024-11-21 11:45 |
2016-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266105
|
8.8 |
HIGH
Network
|
aterm
|
wf800hp_firmware
|
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2016-1168
|
2024-11-21 11:45 |
2016-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266106
|
8.8 |
HIGH
Network
|
aterm
|
wg300hp_firmware
|
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2016-1167
|
2024-11-21 11:45 |
2016-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266107
|
6.1 |
MEDIUM
Network
|
wp_favorite_posts_project
|
wp_favorite_posts
|
Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1160
|
2024-11-21 11:45 |
2016-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266108
|
8.8 |
HIGH
Network
|
adobe
samsung
|
flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler
|
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ad…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2016-1005
|
2024-11-21 11:45 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266109
|
8.8 |
HIGH
Network
|
adobe
samsung
|
flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler
|
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ad…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1002
|
2024-11-21 11:45 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266110
|
8.8 |
HIGH
Network
|
adobe
samsung
|
flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler
|
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-1001
|
2024-11-21 11:45 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
