|
265171
|
6.1 |
MEDIUM
Network
|
opera
|
opera_mini
opera_browser
|
Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL.
|
CWE-601
Open Redirect
|
CVE-2016-4075
|
2024-11-21 11:51 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265172
|
7.8 |
HIGH
Local
|
hancom
|
hancom_office_2014
|
Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTableStyle and (2) CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4293
|
2024-11-21 11:51 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265173
|
4.6 |
MEDIUM
Physics
|
samsung
|
galaxy_s6_firmware
galaxy_note_3_firmware
galaxy_s4_mini_firmware
galaxy_s4_mini_lte_firmware
galaxy_s4_firmware
|
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-…
|
CWE-284
Improper Access Control
|
CVE-2016-4032
|
2024-11-21 11:51 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265174
|
6.8 |
MEDIUM
Physics
|
samsung
|
galaxy_s6_firmware
galaxy_note_3_firmware
galaxy_s4_mini_firmware
galaxy_s4_mini_lte_firmware
galaxy_s4_firmware
|
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-…
|
CWE-284
Improper Access Control
|
CVE-2016-4031
|
2024-11-21 11:51 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265175
|
6.8 |
MEDIUM
Physics
|
samsung
|
galaxy_s6_firmware
galaxy_note_3_firmware
galaxy_s4_mini_firmware
galaxy_s4_mini_lte_firmware
galaxy_s4_firmware
|
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-…
|
CWE-284
Improper Access Control
|
CVE-2016-4030
|
2024-11-21 11:51 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265176
|
6.1 |
MEDIUM
Network
|
opensuse
roundcube
|
leap
opensuse
roundcube_webmail
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4068
|
2024-11-21 11:51 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265177
|
9.8 |
CRITICAL
Network
|
ktools
|
photostore
|
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
|
CWE-89
SQL Injection
|
CVE-2016-4337
|
2024-11-21 11:51 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265178
|
6.1 |
MEDIUM
Network
|
jivesoftware
|
jive
|
Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
|
CWE-601
Open Redirect
|
CVE-2016-4334
|
2024-11-21 11:51 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265179
|
4.3 |
MEDIUM
Network
|
atlassian
|
bitbucket
|
Atlassian Bitbucket Server before 4.7.1 allows remote attackers to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource.
|
CWE-22
Path Traversal
|
CVE-2016-4320
|
2024-11-21 11:51 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265180
|
8.8 |
HIGH
Network
|
atlassian
|
jira
|
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
|
CWE-352
Origin Validation Error
|
CVE-2016-4319
|
2024-11-21 11:51 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
