|
267871
|
6.7 |
MEDIUM
Local
|
siemens
|
sicam_pas\/pqs
|
Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
|
CWE-255
CWE-200
Credentials Management
Information Exposure
|
CVE-2016-5848
|
2024-11-21 11:55 |
2016-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267872
|
4.7 |
MEDIUM
Local
|
debian
linux
|
debian_linux
linux_kernel
|
Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a c…
|
CWE-362
Race Condition
|
CVE-2016-6130
|
2024-11-21 11:55 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267873
|
7.2 |
HIGH
Network
|
trend_micro
|
deep_discovery_inspector
|
hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename…
|
CWE-20
Improper Input Validation
|
CVE-2016-5840
|
2024-11-21 11:55 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267874
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5839
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267875
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.
|
CWE-255
Credentials Management
|
CVE-2016-5838
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267876
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5837
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267877
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5836
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267878
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/re…
|
CWE-200
Information Exposure
|
CVE-2016-5835
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267879
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5834
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267880
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5833
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
