|
267161
|
9.8 |
CRITICAL
Network
|
artifex
|
mujs
|
An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expres…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10141
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267162
|
7.5 |
HIGH
Network
|
zoneminder
|
zoneminder
|
Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker t…
|
CWE-200
Information Exposure
|
CVE-2016-10140
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267163
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.syso…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10139
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267164
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the c…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10138
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267165
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10137
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267166
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10136
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267167
|
5.5 |
MEDIUM
Local
|
lg
|
lg_mobile
|
An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with …
|
CWE-200
Information Exposure
|
CVE-2016-10135
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267168
|
5.9 |
MEDIUM
Network
|
igniterealtime
fedoraproject
|
smack
fedora
|
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of clea…
|
CWE-362
Race Condition
|
CVE-2016-10027
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267169
|
9.8 |
CRITICAL
Network
|
codeigniter
|
codeigniter
|
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
|
CWE-74
Injection
|
CVE-2016-10131
|
2024-11-21 11:43 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267170
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10126
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
