{"vulnerability": "cve-2016-1106", "sightings": [{"uuid": "3b425c78-d414-42c2-8ed1-fa90e706bc51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-1106", "type": "exploited", "source": "https://www.exploit-db.com/exploits/39831", "content": "", "creation_timestamp": "2016-05-17T00:00:00.000000Z"}, {"uuid": "8384d704-ed96-4716-9263-691c19f54cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11061", "type": "seen", "source": "https://t.me/cibsecurity/11745", "content": "ATENTION\u203c New - CVE-2016-11061\n\nXerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-30T02:35:40.000000Z"}, {"uuid": "0ed40748-c121-4628-96d6-887699e0e2a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11060", "type": "seen", "source": "https://t.me/cibsecurity/11700", "content": "ATENTION\u203c New - CVE-2016-11060\n\nCertain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-28T20:35:10.000000Z"}, {"uuid": "53c78123-17e4-4ea2-8c20-f9066386d5eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11063", "type": "seen", "source": "https://t.me/cibsecurity/12956", "content": "ATENTION\u203c New - CVE-2016-11063\n\nAn issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T01:55:15.000000Z"}, {"uuid": "26522d7d-dd67-4e2b-92c4-f277617c96b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11062", "type": "seen", "source": "https://t.me/cibsecurity/12957", "content": "ATENTION\u203c New - CVE-2016-11062\n\nAn issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T01:55:15.000000Z"}, {"uuid": "688ce6c4-5f1a-44e8-9823-956c5c16c197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11064", "type": "seen", "source": "https://t.me/cibsecurity/12955", "content": "ATENTION\u203c New - CVE-2016-11064\n\nAn issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T01:55:13.000000Z"}, {"uuid": "3af320e9-e711-43c4-a4d4-eda25c4dbb61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11066", "type": "seen", "source": "https://t.me/cibsecurity/12953", "content": "ATENTION\u203c New - CVE-2016-11066\n\nAn issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:42.000000Z"}, {"uuid": "45e2d018-3f83-4eb6-b034-5aa760b1d5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11069", "type": "seen", "source": "https://t.me/cibsecurity/12950", "content": "ATENTION\u203c New - CVE-2016-11069\n\nAn issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:39.000000Z"}, {"uuid": "757e2a5c-1499-4ec2-a5ce-1a2b13cd55b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11068", "type": "seen", "source": "https://t.me/cibsecurity/12951", "content": "ATENTION\u203c New - CVE-2016-11068\n\nAn issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:40.000000Z"}, {"uuid": "9b89bec7-d6ef-4413-96e5-59525b7884bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11067", "type": "seen", "source": "https://t.me/cibsecurity/12952", "content": "ATENTION\u203c New - CVE-2016-11067\n\nAn issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:41.000000Z"}, {"uuid": "767bf556-008e-49f2-bb54-c1ad0e11baac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-11065", "type": "seen", "source": "https://t.me/cibsecurity/12954", "content": "ATENTION\u203c New - CVE-2016-11065\n\nAn issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-20T00:55:43.000000Z"}]}