|
265971
|
7.5 |
HIGH
Network
|
glpi-project
|
glpi
|
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5…
|
CWE-89
SQL Injection
|
CVE-2016-7508
|
2024-11-21 11:58 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265972
|
7.8 |
HIGH
Local
|
winsparkle
|
winsparkle
|
Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2016-7838
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265973
|
7.8 |
HIGH
Local
|
bluez
|
bluez
|
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7837
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265974
|
9.1 |
CRITICAL
Network
|
h2o_project
dena
|
h2o
|
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain server certificate private keys and possibly other information.
|
CWE-416
Use After Free
|
CVE-2016-7835
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265975
|
7.5 |
HIGH
Network
|
cybozu
|
dezie
|
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-7833
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265976
|
5.3 |
MEDIUM
Network
|
cybozu
|
dezie
|
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-7832
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265977
|
6.1 |
MEDIUM
Network
|
fenrir-inc
|
sleipnir
|
Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.
|
CWE-601
Open Redirect
|
CVE-2016-7831
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265978
|
8.8 |
HIGH
Adjacent
|
sony
|
pcs-xg100_firmware
pcs-xg77_firmware
pcs-xc1_firmware
|
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker o…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2016-7830
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265979
|
6.5 |
MEDIUM
Network
|
buffalotech
|
wnc01wh_firmware
|
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
|
CWE-22
Path Traversal
|
CVE-2016-7826
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265980
|
6.5 |
MEDIUM
Network
|
buffalotech
|
wnc01wh_firmware
|
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
|
CWE-22
Path Traversal
|
CVE-2016-7825
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
