|
256911
|
6.5 |
MEDIUM
Local
|
qemu
debian
redhat
|
qemu
debian_linux
openstack
virtualization
|
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. …
|
CWE-369
Divide By Zero
|
CVE-2016-9921
|
2024-11-21 12:02 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256912
|
6.1 |
MEDIUM
Network
|
spip
|
spip
|
SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9998
|
2024-11-21 12:02 |
2016-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256913
|
6.1 |
MEDIUM
Network
|
spip
|
spip
|
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9997
|
2024-11-21 12:02 |
2016-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256914
|
6.5 |
MEDIUM
Network
|
apport_project
|
apport
|
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user click…
|
CWE-284
Improper Access Control
|
CVE-2016-9951
|
2024-11-21 12:02 |
2016-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256915
|
7.8 |
HIGH
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package sp…
|
CWE-22
Path Traversal
|
CVE-2016-9950
|
2024-11-21 12:02 |
2016-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256916
|
7.8 |
HIGH
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers t…
|
CWE-94
Code Injection
|
CVE-2016-9949
|
2024-11-21 12:02 |
2016-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256917
|
9.8 |
CRITICAL
Network
|
samsung
|
samsung_mobile
|
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…
|
CWE-388
7PK - Errors
|
CVE-2016-9967
|
2024-11-21 12:02 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256918
|
9.8 |
CRITICAL
Network
|
samsung
|
samsung_mobile
|
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…
|
CWE-388
7PK - Errors
|
CVE-2016-9966
|
2024-11-21 12:02 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256919
|
9.8 |
CRITICAL
Network
|
samsung
|
samsung_mobile
|
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…
|
CWE-388
7PK - Errors
|
CVE-2016-9965
|
2024-11-21 12:02 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256920
|
6.5 |
MEDIUM
Network
|
bottlepy
debian
|
bottle
debian_linux
|
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
|
CWE-93
CRLF Injection
|
CVE-2016-9964
|
2024-11-21 12:02 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
