{"vulnerability": "cve-2016-1076", "sightings": [{"uuid": "b24cb110-6582-474f-9ced-7a5d35405033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10764", "type": "seen", "source": "https://t.me/cibsecurity/5752", "content": "ATENTION\u203c New - CVE-2016-10764\n\nIn the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the -&gt;f_pdata array so the \"&gt;\" should be \"&gt;=\" instead.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-28T03:25:08.000000Z"}, {"uuid": "92b63e9b-ff96-4fdf-a248-c22c1ede14e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10761", "type": "seen", "source": "https://t.me/cibsecurity/5221", "content": "ATENTION\u203c New - CVE-2016-10761\n\nLogitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-06-30T00:27:45.000000Z"}, {"uuid": "1f2c99b8-488e-444d-97bf-404bb8b1a939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10760", "type": "seen", "source": "https://t.me/cibsecurity/4849", "content": "ATENTION\u203c New - CVE-2016-10760\n\nOn Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell metacharacters in the ping_ipaddr parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-06-12T00:30:27.000000Z"}, {"uuid": "e5762188-7f15-48af-99d3-41715dfbb259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10763", "type": "seen", "source": "https://t.me/cibsecurity/5592", "content": "ATENTION\u203c New - CVE-2016-10763\n\nThe CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-18T16:28:54.000000Z"}, {"uuid": "e5c3193c-9127-4320-99b9-ea6457bf255f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10762", "type": "seen", "source": "https://t.me/cibsecurity/5593", "content": "ATENTION\u203c New - CVE-2016-10762\n\nThe CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-18T16:28:55.000000Z"}, {"uuid": "e0ac6756-9774-4cc1-b8d7-397d02bedd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10766", "type": "seen", "source": "https://t.me/cibsecurity/5926", "content": "ATENTION\u203c New - CVE-2016-10766 (edx-platform)\n\nedx-platform before 2016-06-06 allows CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-08-05T18:34:07.000000Z"}, {"uuid": "1a887d00-84a6-4e6a-aab6-135af67a36ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10768", "type": "seen", "source": "https://t.me/cibsecurity/5921", "content": "ATENTION\u203c New - CVE-2016-10768\n\ncPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-08-05T16:35:15.000000Z"}, {"uuid": "568f1bfb-85ac-4d2f-a4a5-9b15eb272c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10767", "type": "seen", "source": "https://t.me/cibsecurity/5922", "content": "ATENTION\u203c New - CVE-2016-10767\n\ncPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-08-05T16:35:16.000000Z"}, {"uuid": "81592320-7ad2-40e4-929f-3f629c441b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10766", "type": "seen", "source": "https://t.me/cibsecurity/5774", "content": "ATENTION\u203c New - CVE-2016-10766\n\nedx-platform before 2016-06-06 allows CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-29T20:35:12.000000Z"}, {"uuid": "6a2eecbc-6e91-4166-9cdd-936987a3f73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10765", "type": "seen", "source": "https://t.me/cibsecurity/5775", "content": "ATENTION\u203c New - CVE-2016-10765\n\nedx-platform before 2016-06-10 allows account activation with a spoofed e-mail address.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-29T20:35:13.000000Z"}, {"uuid": "375b6cc2-3b7b-4e56-a820-0333c119df46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-10769", "type": "seen", "source": "https://t.me/cibsecurity/5920", "content": "ATENTION\u203c New - CVE-2016-10769\n\ncPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-08-05T16:35:14.000000Z"}]}