|
268471
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
|
In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7576
|
2024-11-21 11:58 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268472
|
7.5 |
HIGH
Network
|
f5
|
big-ip_application_acceleration_manager
big-ip_local_traffic_manager
big-ip_advanced_firewall_manager
big-ip_policy_enforcement_manager
big-ip_link_controller
big-ip_application_securi…
|
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SP…
|
CWE-20
Improper Input Validation
|
CVE-2016-7475
|
2024-11-21 11:58 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268473
|
7.5 |
HIGH
Network
|
f5
|
big-ip_application_security_manager
|
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2016-7472
|
2024-11-21 11:58 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268474
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-7443
|
2024-11-21 11:58 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268475
|
8.8 |
HIGH
Network
|
artifex
|
ghostscript
|
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
|
CWE-20
Improper Input Validation
|
CVE-2016-7976
|
2024-11-21 11:58 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268476
|
6.5 |
MEDIUM
Network
|
gigaccsecure
|
gigacc_office
|
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-7845
|
2024-11-21 11:58 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268477
|
5.5 |
MEDIUM
Network
|
gigaccsecure
|
gigacc_office
|
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template.
|
CWE-78
OS Command
|
CVE-2016-7844
|
2024-11-21 11:58 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268478
|
3.1 |
LOW
Network
|
mufg
|
mitsubishi_ufj
|
The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5.2.2 and earlier allow a man-in-the-middle attacker to downgrade the communication between the app and the server from TLS v1.2 to…
|
CWE-310
Cryptographic Issues
|
CVE-2016-7812
|
2024-11-21 11:58 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268479
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2016-7539
|
2024-11-21 11:58 |
2017-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268480
|
5.4 |
MEDIUM
Network
|
glpi-project
|
glpi
|
Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7509
|
2024-11-21 11:58 |
2017-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
