|
271471
|
8.8 |
HIGH
Network
|
trendmicro
|
threat_discovery_appliance
|
log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8590
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271472
|
8.8 |
HIGH
Network
|
trendmicro
|
threat_discovery_appliance
|
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8589
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271473
|
7.3 |
HIGH
Local
|
trendmicro
|
threat_discovery_appliance
|
The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uplo…
|
CWE-284
Improper Access Control
|
CVE-2016-8588
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271474
|
7.3 |
HIGH
Local
|
trendmicro
|
threat_discovery_appliance
|
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn…
|
CWE-284
Improper Access Control
|
CVE-2016-8587
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271475
|
8.8 |
HIGH
Network
|
trendmicro
|
threat_discovery_appliance
|
detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8586
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271476
|
8.8 |
HIGH
Network
|
trendmicro
|
threat_discovery_appliance
|
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8585
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271477
|
9.8 |
CRITICAL
Network
|
trendmicro
|
threat_discovery_appliance
|
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.
|
CWE-284
Improper Access Control
|
CVE-2016-8584
|
2024-11-21 11:59 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271478
|
9.1 |
CRITICAL
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input ca…
|
CWE-78
OS Command
|
CVE-2016-8721
|
2024-11-21 11:59 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271479
|
7.8 |
HIGH
Local
|
artifex
|
ghostscript
|
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscrip…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2016-8602
|
2024-11-21 11:59 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271480
|
7.5 |
HIGH
Network
|
moxa
|
awk-3131a_firmware
|
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal …
|
CWE-200
Information Exposure
|
CVE-2016-8727
|
2024-11-21 11:59 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|