|
268781
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5834
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268782
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5833
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268783
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5832
|
2024-11-21 11:55 |
2016-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268784
|
7.8 |
HIGH
Local
|
debian
linux
novell
canonical
|
debian_linux
linux_kernel
suse_linux_enterprise_real_time_extension
ubuntu_linux
|
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly hav…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5829
|
2024-11-21 11:55 |
2016-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268785
|
7.8 |
HIGH
Local
|
linux
novell
debian
canonical
|
linux_kernel
suse_linux_enterprise_real_time_extension
debian_linux
ubuntu_linux
|
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2016-5828
|
2024-11-21 11:55 |
2016-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268786
|
4.6 |
MEDIUM
Network
|
netapp
|
snap_creator_framework
|
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2016-5710
|
2024-11-21 11:54 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268787
|
7.8 |
HIGH
Local
|
symantec
|
norton_antivirus
norton_family
norton_antivirus_with_backup
norton_security
norton_360
norton_internet_security
norton_security_with_backup
endpoint_protection
endpoint_protec…
|
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Pr…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2016-5311
|
2024-11-21 11:54 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268788
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_M…
|
CWE-200
Information Exposure
|
CVE-2016-5346
|
2024-11-21 11:54 |
2020-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268789
|
7.5 |
HIGH
Network
|
cloudera
|
cdh
|
Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles.
|
CWE-200
Information Exposure
|
CVE-2016-5724
|
2024-11-21 11:54 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268790
|
7.5 |
HIGH
Network
|
php_jose_project
|
php_jose
|
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2016-5431
|
2024-11-21 11:54 |
2019-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
