|
265441
|
9.8 |
CRITICAL
Network
|
siemens
|
ccid1445-dn18_firmware
ccid1445-dn28_firmware
ccid1445-dn36_firmware
ccis1425_firmware
ccmd3025-dn18_firmware
ccms2025_firmware
ccmw1025_firmware
ccmw3025_firmware
ccpw3025_fi…
|
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; …
|
CWE-284
Improper Access Control
|
CVE-2016-9155
|
2024-11-21 12:00 |
2016-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265442
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9151
|
2024-11-21 12:00 |
2016-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265443
|
9.8 |
CRITICAL
Network
|
paloaltonetworks
|
pan-os
|
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9150
|
2024-11-21 12:00 |
2016-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265444
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single qu…
|
CWE-19
Data Processing Errors
|
CVE-2016-9149
|
2024-11-21 12:00 |
2016-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265445
|
5.5 |
MEDIUM
Local
|
xmlsoft
canonical
|
libxml2
ubuntu_linux
|
libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, …
|
CWE-611
XXE
|
CVE-2016-9318
|
2024-11-21 12:00 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265446
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search m…
|
CWE-89
SQL Injection
|
CVE-2016-9287
|
2024-11-21 12:00 |
2016-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265447
|
8.8 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2016-8908
|
2024-11-21 12:00 |
2016-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265448
|
8.8 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2016-8907
|
2024-11-21 12:00 |
2016-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265449
|
8.8 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter.
|
CWE-89
SQL Injection
|
CVE-2016-8906
|
2024-11-21 12:00 |
2016-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265450
|
8.8 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter.
|
CWE-89
SQL Injection
|
CVE-2016-8905
|
2024-11-21 12:00 |
2016-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
