Skip to main content
CVE-2016-9287 CRITICAL PATCH Act Now

In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

PHP SQLi Exponent Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
0.5%
CVE-2016-5763 CRITICAL Act Now

Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Open Enterprise Server 11 Open Enterprise Server 2015
NVD
CVSS 3.0
9.1
EPSS
1.0%
CVE-2016-0909 HIGH This Week

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Avamar Data Store Avamar Server Virtual Edition
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2016-8661 HIGH This Week

Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Little Snitch
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2016-7165 MEDIUM This Month

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14),. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Microsoft Primary Setup Tool Security Configuration Tool Simatic It Production Suite +15
NVD
CVSS 3.0
6.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy