|
264681
|
8.8 |
HIGH
Network
|
redhat
|
cloudforms
cloudforms_management_engine
|
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could us…
|
-
|
CVE-2016-5402
|
2024-11-21 11:54 |
2018-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264682
|
9.8 |
CRITICAL
Network
|
netgear
|
dgn2200_firmware
dgnd3700_firmware
|
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to acces…
|
CWE-200
Information Exposure
|
CVE-2016-5649
|
2024-11-21 11:54 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264683
|
7.5 |
HIGH
Network
|
netgear
|
wndr4500_firmware
|
There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even w…
|
CWE-200
Information Exposure
|
CVE-2016-5638
|
2024-11-21 11:54 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264684
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
|
A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Androi…
|
CWE-275
Permission Issues
|
CVE-2016-5299
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264685
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefo…
|
CWE-20
Improper Input Validation
|
CVE-2016-5298
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264686
|
9.8 |
CRITICAL
Network
|
mozilla
debian
|
firefox
thunderbird
firefox_esr
debian_linux
|
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Fire…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5297
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264687
|
7.5 |
HIGH
Network
|
mozilla
debian
|
firefox
thunderbird
firefox_esr
debian_linux
|
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR <…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5296
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264688
|
7.8 |
HIGH
Local
|
mozilla
|
firefox
|
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vuln…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5295
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264689
|
5.5 |
MEDIUM
Local
|
mozilla
|
firefox
firefox_esr
thunderbird
|
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue o…
|
CWE-20
Improper Input Validation
|
CVE-2016-5294
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264690
|
5.5 |
MEDIUM
Local
|
mozilla
debian
|
firefox
firefox_esr
debian_linux
|
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system acc…
|
CWE-20
Improper Input Validation
|
CVE-2016-5293
|
2024-11-21 11:54 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
