|
266231
|
6.1 |
MEDIUM
Network
|
jqueryui
oracle
fedoraproject
netapp
redhat
juniper
debian
|
jquery_ui
weblogic_server
business_intelligence
hospitality_cruise_fleet_management
application_express
primavera_unifier
siebel_ui_framework
oss_support_tools
fedora
snapc…
|
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7103
|
2024-11-21 11:57 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266232
|
5.5 |
MEDIUM
Local
|
libgd
|
libgd
|
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related t…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6906
|
2024-11-21 11:57 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266233
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7140
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266234
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7139
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266235
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7138
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266236
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing…
|
CWE-601
Open Redirect
|
CVE-2016-7137
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266237
|
6.1 |
MEDIUM
Network
|
plone
|
plone
|
z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7136
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266238
|
4.9 |
MEDIUM
Network
|
plone
|
plone
|
Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile ac…
|
CWE-22
Path Traversal
|
CVE-2016-7135
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266239
|
9.8 |
CRITICAL
Network
|
nefarious2_project
|
nefarious2
|
The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE paramet…
|
CWE-287
Improper Authentication
|
CVE-2016-7145
|
2024-11-21 11:57 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266240
|
5.5 |
MEDIUM
Local
|
dropbear_ssh_project
|
dropbear_ssh
|
The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident.
|
CWE-200
Information Exposure
|
CVE-2016-7409
|
2024-11-21 11:57 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
