|
266501
|
6.5 |
MEDIUM
Network
|
pl\/java_project
|
pl\/java
|
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.
|
CWE-269
Improper Privilege Management
|
CVE-2016-2192
|
2024-11-21 11:48 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266502
|
5.9 |
MEDIUM
Network
|
invisioncommunity
|
invision_power_board
|
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board…
|
CWE-331
Insufficient Entropy
|
CVE-2016-2564
|
2024-11-21 11:48 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266503
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.
|
CWE-284
Improper Access Control
|
CVE-2016-2433
|
2024-11-21 11:48 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266504
|
7.8 |
HIGH
Local
|
opensuse
debian
lhasa_project
|
leap
opensuse
debian_linux
lhasa
|
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2347
|
2024-11-21 11:48 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266505
|
3.3 |
LOW
Local
|
samsung
|
galaxy_s6_firmware
galaxy_note_3_firmware
|
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exc…
|
CWE-20
Improper Input Validation
|
CVE-2016-2567
|
2024-11-21 11:48 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266506
|
9.8 |
CRITICAL
Network
|
samsung
|
galaxy_s6_firmware
|
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.
|
CWE-89
SQL Injection
|
CVE-2016-2566
|
2024-11-21 11:48 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266507
|
3.3 |
LOW
Local
|
samsung
|
galaxy_s6_firmware
|
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.
|
CWE-200
Information Exposure
|
CVE-2016-2565
|
2024-11-21 11:48 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266508
|
9.8 |
CRITICAL
Network
|
atutor
|
atutor
|
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
|
CWE-89
SQL Injection
|
CVE-2016-2555
|
2024-11-21 11:48 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266509
|
6.1 |
MEDIUM
Network
|
mozilla
|
bugzilla
|
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2016-2803
|
2024-11-21 11:48 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266510
|
7.5 |
HIGH
Network
|
huawei
|
s5700_firmware
s6700_firmware
s7700_firmware
s9700_firmware
s12700_firmware
acu2_firmware
|
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2404
|
2024-11-21 11:48 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
