|
272021
|
6.1 |
MEDIUM
Network
|
apple
|
webkit
|
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4585
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272022
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
safari
tvos
|
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory cor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4584
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272023
|
3.1 |
LOW
Network
|
apple
webkitgtk
|
webkit
webkitgtk\+
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing at…
|
CWE-362
Race Condition
|
CVE-2016-4583
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272024
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4582
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272025
|
7.3 |
HIGH
Network
|
schneider-electric
|
somachine_hvac_firmware
|
An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, …
|
NVD-CWE-noinfo
|
CVE-2016-4529
|
2024-11-21 11:52 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272026
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
pelco_digital_sentry_video_management_system_firmware
|
Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary…
|
NVD-CWE-Other
|
CVE-2016-4520
|
2024-11-21 11:52 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272027
|
5.4 |
MEDIUM
Network
|
openstack
redhat
debian
|
horizon
openstack
debian_linux
|
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecti…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4428
|
2024-11-21 11:52 |
2016-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272028
|
7.8 |
HIGH
Local
|
wecon
|
levistudiou
|
Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4533
|
2024-11-21 11:52 |
2016-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272029
|
9.8 |
CRITICAL
Network
|
moxa
|
device_server_web_console_5232-n_firmware
|
Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserI…
|
CWE-287
Improper Authentication
|
CVE-2016-4503
|
2024-11-21 11:52 |
2016-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272030
|
7.5 |
HIGH
Network
|
apache
debian
|
xerces-c\+\+
debian_linux
|
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4463
|
2024-11-21 11:52 |
2016-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
