| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9294 | 5.0 |
Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related
|
23-04-2020 - 19:37 | 12-11-2016 - 00:59 | |
| CVE-2008-5222 | 7.5 |
SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
11-10-2018 - 20:54 | 25-11-2008 - 19:30 | |
| CVE-2004-0001 | 7.2 |
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
|
10-10-2017 - 01:30 | 17-02-2004 - 05:00 | |
| CVE-2011-3422 | 4.3 |
The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Ext
|
29-08-2017 - 01:30 | 12-09-2011 - 12:40 | |
| CVE-2016-9284 | 5.0 |
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string.
|
28-07-2017 - 01:29 | 11-11-2016 - 22:59 | |
| CVE-2016-9285 | 5.0 |
framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1, related to an "addresses, countries, and regions"
|
28-07-2017 - 01:29 | 11-11-2016 - 22:59 | |
| CVE-2016-9283 | 5.0 |
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.
|
28-07-2017 - 01:29 | 11-11-2016 - 22:59 | |
| CVE-2016-9286 | 5.0 |
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI.
|
28-07-2017 - 01:29 | 11-11-2016 - 22:59 | |
| CVE-2016-9282 | 5.0 |
SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter.
|
28-07-2017 - 01:29 | 11-11-2016 - 22:59 | |
| CVE-2016-9288 | 7.5 |
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used lik
|
28-07-2017 - 01:29 | 11-11-2016 - 23:59 | |
| CVE-2017-8582 | 4.3 |
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when
|
20-07-2017 - 15:12 | 11-07-2017 - 21:29 | |
| CVE-2016-9277 | 7.8 |
Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.
|
29-11-2016 - 18:22 | 11-11-2016 - 19:59 | |
| CVE-2016-9296 | 5.0 |
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z
|
29-11-2016 - 18:03 | 12-11-2016 - 02:59 |