|
267981
|
3.7 |
LOW
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (X…
|
NVD-CWE-Other
|
CVE-2016-1899
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267982
|
6.5 |
MEDIUM
Network
|
jasper_project
|
jasper
|
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1867
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267983
|
5.3 |
MEDIUM
Network
|
openbsd
|
openssh
|
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1907
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267984
|
7.3 |
HIGH
Network
|
php
|
php
|
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) ph…
|
CWE-189
Numeric Errors
|
CVE-2016-1904
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267985
|
9.1 |
CRITICAL
Network
|
php
|
php
|
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or ca…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2016-1903
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267986
|
5.4 |
MEDIUM
Network
|
redhen_project
|
redhen
|
Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1913
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267987
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr
|
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lastname, (2) firstname, (3) email, (…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1912
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267988
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver
|
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pm…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1911
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267989
|
5.3 |
MEDIUM
Network
|
sap
|
netweaver
|
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.
|
CWE-200
Information Exposure
|
CVE-2016-1910
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267990
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortios
|
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1909
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
