Skip to main content
CVE-2016-7965 MEDIUM POC This Month

DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dokuwiki
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-8879 MEDIUM PATCH This Month

The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Memory Corruption Buffer Overflow Microsoft Phantompdf +1
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-8875 MEDIUM PATCH This Month

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Information Disclosure Buffer Overflow Microsoft Phantompdf +1
NVD
CVSS 3.0
5.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy