|
264401
|
5.9 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connect…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-9064
|
2024-11-21 12:00 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264402
|
9.8 |
CRITICAL
Network
|
mozilla
debian
python
|
firefox
debian_linux
python
|
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-9063
|
2024-11-21 12:00 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264403
|
3.3 |
LOW
Local
|
mozilla
|
firefox
|
Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue onl…
|
CWE-200
Information Exposure
|
CVE-2016-9062
|
2024-11-21 12:00 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264404
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
|
A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Fir…
|
CWE-275
Permission Issues
|
CVE-2016-9061
|
2024-11-21 12:00 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264405
|
5.9 |
MEDIUM
Network
|
ntp
freebsd
hpe
siemens
|
ntp
freebsd
hpux-ntp
simatic_net_cp_443-1_opc_ua_firmware
|
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected…
|
CWE-20
Improper Input Validation
|
CVE-2016-9042
|
2024-11-21 12:00 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264406
|
10.0 |
CRITICAL
Network
|
redlion
|
sixnet-managed_industrial_switches_firmware
stride-managed_ethernet_switches_firmware
|
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmw…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-9335
|
2024-11-21 12:00 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264407
|
7.8 |
HIGH
Local
|
corel
|
coreldraw
|
An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661). A specially crafted EMF file can cause a vulnerabil…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-9043
|
2024-11-21 12:00 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264408
|
7.8 |
HIGH
Local
|
sophos
|
invincea-x
|
An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory cor…
|
CWE-362
Race Condition
|
CVE-2016-9038
|
2024-11-21 12:00 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264409
|
7.8 |
HIGH
Local
|
symantec
|
endpoint_protection
|
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of for…
|
CWE-20
Improper Input Validation
|
CVE-2016-9094
|
2024-11-21 12:00 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264410
|
7.0 |
HIGH
Local
|
symantec
|
endpoint_protection
|
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this i…
|
CWE-20
Improper Input Validation
|
CVE-2016-9093
|
2024-11-21 12:00 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
