Max CVSS 7.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-9294 5.0
Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related
23-04-2020 - 19:37 12-11-2016 - 00:59
CVE-2008-5222 7.5
SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
11-10-2018 - 20:54 25-11-2008 - 19:30
CVE-2004-0001 7.2
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
10-10-2017 - 01:30 17-02-2004 - 05:00
CVE-2011-3422 4.3
The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Ext
29-08-2017 - 01:30 12-09-2011 - 12:40
CVE-2016-9284 5.0
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string.
28-07-2017 - 01:29 11-11-2016 - 22:59
CVE-2016-9285 5.0
framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1, related to an "addresses, countries, and regions"
28-07-2017 - 01:29 11-11-2016 - 22:59
CVE-2016-9283 5.0
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.
28-07-2017 - 01:29 11-11-2016 - 22:59
CVE-2016-9286 5.0
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI.
28-07-2017 - 01:29 11-11-2016 - 22:59
CVE-2016-9282 5.0
SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter.
28-07-2017 - 01:29 11-11-2016 - 22:59
CVE-2016-9288 7.5
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used lik
28-07-2017 - 01:29 11-11-2016 - 23:59
CVE-2017-8582 4.3
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when
20-07-2017 - 15:12 11-07-2017 - 21:29
CVE-2016-9277 7.8
Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.
29-11-2016 - 18:22 11-11-2016 - 19:59
CVE-2016-9296 5.0
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z
29-11-2016 - 18:03 12-11-2016 - 02:59
Back to Top Mark selected
Back to Top