|
276031
|
4.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authen…
|
CWE-254
CWE-284
7PK - Security Features
Improper Access Control
|
CVE-2016-10148
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276032
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10147
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276033
|
8.6 |
HIGH
Network
|
ietf
|
ipv6
|
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security …
|
CWE-17
Code
|
CVE-2016-10142
|
2024-11-21 11:43 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276034
|
9.8 |
CRITICAL
Network
|
artifex
|
mujs
|
An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expres…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10141
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276035
|
7.5 |
HIGH
Network
|
zoneminder
|
zoneminder
|
Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker t…
|
CWE-200
Information Exposure
|
CVE-2016-10140
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276036
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.syso…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10139
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276037
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the c…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10138
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276038
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10137
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276039
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10136
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276040
|
5.5 |
MEDIUM
Local
|
lg
|
lg_mobile
|
An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with …
|
CWE-200
Information Exposure
|
CVE-2016-10135
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
