|
265581
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber.
|
CWE-284
Improper Access Control
|
CVE-2016-3733
|
2024-11-21 11:50 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265582
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of…
|
CWE-200
Information Exposure
|
CVE-2016-3732
|
2024-11-21 11:50 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265583
|
5.3 |
MEDIUM
Network
|
moodle
|
moodle
|
Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions.
|
CWE-200
Information Exposure
|
CVE-2016-3731
|
2024-11-21 11:50 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265584
|
6.5 |
MEDIUM
Network
|
moodle
|
moodle
|
The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the admini…
|
CWE-284
Improper Access Control
|
CVE-2016-3729
|
2024-11-21 11:50 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265585
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
|
Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3740
|
2024-11-21 11:50 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265586
|
9.8 |
CRITICAL
Network
|
modified
|
ecommerce_shopsoftware
|
Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2016-3694
|
2024-11-21 11:50 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265587
|
8.8 |
HIGH
Network
|
libjpeg-turbo
redhat
debian
canonical
|
libjpeg-turbo
enterprise_linux
debian_linux
ubuntu_linux
|
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-3616
|
2024-11-21 11:50 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265588
|
4.7 |
MEDIUM
Local
|
sap
|
download_manager
|
SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration info…
|
CWE-255
CWE-798
Credentials Management
Use of Hard-coded Credentials
|
CVE-2016-3685
|
2024-11-21 11:50 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265589
|
4.7 |
MEDIUM
Local
|
sap
|
download_manager
|
SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging k…
|
NVD-CWE-Other
|
CVE-2016-3684
|
2024-11-21 11:50 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265590
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local m…
|
CWE-200
Information Exposure
|
CVE-2016-3907
|
2024-11-21 11:50 |
2016-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
