|
265001
|
7.8 |
HIGH
Local
|
uclouvain
redhat
|
openjpeg
enterprise_linux
enterprise_linux_for_scientific_computing
enterprise_linux_for_ibm_z_systems
enterprise_linux_for_power_big_endian
|
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-9675
|
2024-11-21 12:01 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265002
|
5.4 |
MEDIUM
Network
|
rapid7
|
nexpose
|
In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag nam…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9757
|
2024-11-21 12:01 |
2016-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265003
|
7.5 |
HIGH
Network
|
joomla
|
joomla\!
|
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a us…
|
CWE-284
Improper Access Control
|
CVE-2016-9838
|
2024-11-21 12:01 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265004
|
7.5 |
HIGH
Network
|
joomla
|
joomla\!
|
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9837
|
2024-11-21 12:01 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265005
|
7.8 |
HIGH
Local
|
nagios
|
nagios
|
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged …
|
CWE-264
CWE-59
Permissions, Privileges, and Access Controls
Link Following
|
CVE-2016-9566
|
2024-11-21 12:01 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265006
|
9.8 |
CRITICAL
Network
|
nagios
|
nagios
|
MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed serv…
|
CWE-284
Improper Access Control
|
CVE-2016-9565
|
2024-11-21 12:01 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265007
|
6.5 |
MEDIUM
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
|
CWE-399
Resource Management Errors
|
CVE-2016-9633
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265008
|
6.5 |
MEDIUM
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9632
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265009
|
6.5 |
MEDIUM
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-9631
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265010
|
6.5 |
MEDIUM
Network
|
tats
|
w3m
|
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9630
|
2024-11-21 12:01 |
2016-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
