|
266181
|
7.5 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.
|
CWE-200
Information Exposure
|
CVE-2016-10143
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266182
|
7.8 |
HIGH
Local
|
tqdm_project
|
tqdm
|
The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.
|
CWE-17
Code
|
CVE-2016-10075
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266183
|
8.1 |
HIGH
Network
|
ca
|
service_desk_management
service_desk_manager
|
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10086
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266184
|
4.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authen…
|
CWE-254
CWE-284
7PK - Security Features
Improper Access Control
|
CVE-2016-10148
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266185
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10147
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266186
|
8.6 |
HIGH
Network
|
ietf
|
ipv6
|
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security …
|
CWE-17
Code
|
CVE-2016-10142
|
2024-11-21 11:43 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266187
|
9.8 |
CRITICAL
Network
|
artifex
|
mujs
|
An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expres…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10141
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266188
|
7.5 |
HIGH
Network
|
zoneminder
|
zoneminder
|
Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker t…
|
CWE-200
Information Exposure
|
CVE-2016-10140
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266189
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.syso…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10139
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266190
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the c…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10138
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
