|
264561
|
7.5 |
HIGH
Network
|
brocade
|
network_advisor
|
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary fi…
|
CWE-22
Path Traversal
|
CVE-2016-8206
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264562
|
9.8 |
CRITICAL
Network
|
brocade
|
network_advisor
|
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious fi…
|
CWE-22
Path Traversal
|
CVE-2016-8205
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264563
|
9.8 |
CRITICAL
Network
|
broadcom
|
brocade_network_advisor
|
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a s…
|
CWE-22
Path Traversal
|
CVE-2016-8204
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264564
|
8.0 |
HIGH
Network
|
brocade
|
virtual_traffic_manager
|
A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0 could allow an attacker to trick a logged-in user into making administrative changes on the traff…
|
CWE-352
Origin Validation Error
|
CVE-2016-8201
|
2024-11-21 11:58 |
2017-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264565
|
7.5 |
HIGH
Network
|
ntp
hpe
|
ntp
hpux-ntp
|
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
|
CWE-20
Improper Input Validation
|
CVE-2016-7434
|
2024-11-21 11:58 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264566
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install…
|
CWE-20
Improper Input Validation
|
CVE-2016-7791
|
2024-11-21 11:58 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264567
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/con…
|
CWE-20
Improper Input Validation
|
CVE-2016-7790
|
2024-11-21 11:58 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264568
|
9.8 |
CRITICAL
Network
|
php
|
php
|
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain ar…
|
CWE-416
Use After Free
|
CVE-2016-7479
|
2024-11-21 11:58 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264569
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
clustered_data_ontap
|
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7480
|
2024-11-21 11:58 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264570
|
7.5 |
HIGH
Network
|
php
|
php
|
Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data…
|
NVD-CWE-Other
|
CVE-2016-7478
|
2024-11-21 11:58 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
