|
265471
|
8.1 |
HIGH
Network
|
zabbix
|
zabbix
|
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, all…
|
CWE-89
SQL Injection
|
CVE-2016-4338
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265472
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a …
|
CWE-79
Cross-site Scripting
|
CVE-2016-4056
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265473
|
6.5 |
MEDIUM
Network
|
momentjs
tenable
oracle
|
moment
nessus
primavera_unifier
|
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Ser…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-4055
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265474
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
|
CWE-74
Injection
|
CVE-2016-4010
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265475
|
7.5 |
HIGH
Network
|
synacor
|
zimbra_collaboration_suite
|
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477.
|
NVD-CWE-noinfo
|
CVE-2016-4019
|
2024-11-21 11:51 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265476
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104552 and 104…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3999
|
2024-11-21 11:51 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265477
|
9.8 |
CRITICAL
Network
|
lexmark
|
perceptive_document_filters
|
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-4336
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265478
|
8.4 |
HIGH
Local
|
lexmark
|
perceptive_document_filters
|
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulti…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4335
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265479
|
5.5 |
MEDIUM
Local
|
kaspersky
|
internet_security
total_security
anti-virus
|
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause ap…
|
CWE-20
Improper Input Validation
|
CVE-2016-4329
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265480
|
3.7 |
LOW
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or …
|
CWE-22
Path Traversal
|
CVE-2016-4323
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
