Skip to main content
CVE-2016-9481 CRITICAL POC Act Now

In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Exponent Cms
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2016-1247 HIGH POC This Week

The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Nginx Debian Information Disclosure Ubuntu Fedora
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
9.8%
CVE-2016-5393 HIGH PATCH This Week

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Apache Authentication Bypass Hadoop
NVD
CVSS 3.0
8.8
EPSS
2.6%
CVE-2016-9480 CRITICAL PATCH Act Now

libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read". Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Libdwarf
NVD
CVSS 3.0
9.1
EPSS
0.4%
CVE-2016-5685 HIGH This Week

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Dell Idrac7 Firmware Idrac8 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2016-1251 HIGH PATCH This Week

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Dbd Mysql
NVD GitHub
CVSS 3.0
8.1
EPSS
0.5%
CVE-2016-8223 HIGH PATCH This Week

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Microsoft RCE Privilege Escalation Lenovo +1
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-5765 MEDIUM This Month

Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Host Access Management And Security Server Reflection For The Web Reflection Security Gateway Reflection Zfe
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2016-8224 MEDIUM This Month

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Denial Of Service Lenovo Bios +28
NVD
CVSS 3.0
4.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy