|
265661
|
6.5 |
MEDIUM
Network
|
momentjs
tenable
oracle
|
moment
nessus
primavera_unifier
|
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Ser…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-4055
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265662
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
|
CWE-74
Injection
|
CVE-2016-4010
|
2024-11-21 11:51 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265663
|
7.5 |
HIGH
Network
|
synacor
|
zimbra_collaboration_suite
|
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477.
|
NVD-CWE-noinfo
|
CVE-2016-4019
|
2024-11-21 11:51 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265664
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104552 and 104…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3999
|
2024-11-21 11:51 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265665
|
9.8 |
CRITICAL
Network
|
lexmark
|
perceptive_document_filters
|
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-4336
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265666
|
8.4 |
HIGH
Local
|
lexmark
|
perceptive_document_filters
|
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulti…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4335
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265667
|
5.5 |
MEDIUM
Local
|
kaspersky
|
internet_security
total_security
anti-virus
|
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause ap…
|
CWE-20
Improper Input Validation
|
CVE-2016-4329
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265668
|
3.7 |
LOW
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or …
|
CWE-22
Path Traversal
|
CVE-2016-4323
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265669
|
5.5 |
MEDIUM
Local
|
kaspersky
|
internet_security
|
A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel dr…
|
CWE-284
Improper Access Control
|
CVE-2016-4307
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265670
|
5.5 |
MEDIUM
Local
|
kaspersky
|
total_security
|
Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memor…
|
CWE-200
Information Exposure
|
CVE-2016-4306
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
