|
264781
|
7.1 |
HIGH
Network
|
wordpress
|
wordpress
|
Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read…
|
CWE-22
Path Traversal
|
CVE-2016-6896
|
2024-11-21 11:57 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264782
|
5.4 |
MEDIUM
Network
|
b2evolution
|
b2evolution
|
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7150
|
2024-11-21 11:57 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264783
|
6.1 |
MEDIUM
Network
|
b2evolution
|
b2evolution
|
Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7149
|
2024-11-21 11:57 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264784
|
8.1 |
HIGH
Network
|
unrealircd
|
unrealircd
|
The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user vi…
|
CWE-287
Improper Authentication
|
CVE-2016-7144
|
2024-11-21 11:57 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264785
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-7101
|
2024-11-21 11:57 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264786
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include t…
|
CWE-682
Incorrect Calculation
|
CVE-2016-7433
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264787
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
|
CWE-20
Improper Input Validation
|
CVE-2016-7431
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264788
|
3.7 |
LOW
Network
|
ntp
|
ntp
|
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source)…
|
CWE-18
Source Code
|
CVE-2016-7429
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264789
|
4.3 |
MEDIUM
Adjacent
|
ntp
|
ntp
|
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-7428
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264790
|
4.3 |
MEDIUM
Adjacent
|
ntp
|
ntp
|
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode pack…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-7427
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
