|
267171
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the s…
|
CWE-89
SQL Injection
|
CVE-2016-7784
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267172
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7783
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267173
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7782
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267174
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author paramet…
|
CWE-89
SQL Injection
|
CVE-2016-7781
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267175
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7780
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267176
|
7.5 |
HIGH
Network
|
opensuse
fedoraproject
libass_project
|
leap
opensuse
fedora
libass
|
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2016-7972
|
2024-11-21 11:58 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267177
|
7.5 |
HIGH
Network
|
fedoraproject
libass_project
|
fedora
libass
|
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7970
|
2024-11-21 11:58 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267178
|
7.5 |
HIGH
Network
|
opensuse
fedoraproject
libass_project
|
leap
opensuse
fedora
libass
|
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-7969
|
2024-11-21 11:58 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267179
|
3.3 |
LOW
Local
|
irssi
|
buf.pl
|
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from …
|
CWE-275
Permission Issues
|
CVE-2016-7553
|
2024-11-21 11:58 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267180
|
6.5 |
MEDIUM
Adjacent
|
intel
|
x710_series_driver
xl710_series_driver
|
Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations.
|
NVD-CWE-noinfo
|
CVE-2016-8105
|
2024-11-21 11:58 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
