|
270611
|
9.8 |
CRITICAL
Network
|
opensuse
phpmyadmin
|
leap
opensuse
phpmyadmin
|
SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted dat…
|
CWE-89
SQL Injection
|
CVE-2016-5703
|
2024-11-21 11:54 |
2016-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270612
|
3.7 |
LOW
Network
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI.
|
CWE-254
7PK - Security Features
|
CVE-2016-5702
|
2024-11-21 11:54 |
2016-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270613
|
6.1 |
MEDIUM
Network
|
phpmyadmin
opensuse
|
phpmyadmin
leap
opensuse
|
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions …
|
CWE-74
Injection
|
CVE-2016-5701
|
2024-11-21 11:54 |
2016-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270614
|
4.3 |
MEDIUM
Network
|
symantec
|
endpoint_protection_manager
|
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspe…
|
CWE-22
Path Traversal
|
CVE-2016-5307
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270615
|
5.3 |
MEDIUM
Network
|
symantec
|
endpoint_protection_manager
|
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information b…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-5306
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270616
|
5.4 |
MEDIUM
Network
|
symantec
|
endpoint_protection_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5305
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270617
|
6.8 |
MEDIUM
Network
|
symantec
|
endpoint_protection_manager
|
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites…
|
NVD-CWE-Other
|
CVE-2016-5304
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270618
|
7.5 |
HIGH
Network
|
canonical
haproxy
|
ubuntu_linux
haproxy
|
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5360
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270619
|
7.5 |
HIGH
Network
|
opensuse
arvidn
|
leap
opensuse
libtorrent
|
The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.
|
CWE-20
Improper Input Validation
|
CVE-2016-5301
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270620
|
8.2 |
HIGH
Local
|
lenovo
|
bios_efi_driver
|
Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5729
|
2024-11-21 11:54 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
