Waitman Gobble

irc://irc.y0m4m4.com/ Radio Puke.World Wiki OOO

CVE List 2016 (page: 1)

2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999

Name Description
CVE-2016-1000352 In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
CVE-2016-1000346 In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other [...]
CVE-2016-1000345 In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, [...]
CVE-2016-1000344 In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
CVE-2016-1000343 In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly [...]
CVE-2016-1000342 In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up [...]
CVE-2016-1000341 In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of [...]
CVE-2016-1000340 In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed [...]
CVE-2016-1000339 In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if [...]
CVE-2016-1000338 In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up [...]
CVE-2016-1000307 Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, [...]
CVE-2016-1000282 Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.
CVE-2016-1000271 Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack [...]
CVE-2016-1000237 sanitize-html before 1.4.3 has XSS.
CVE-2016-1000236 Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.
CVE-2016-1000232 NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable [...]
CVE-2016-1000229 swagger-ui has XSS in key names
CVE-2016-1000222 Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.
CVE-2016-1000221 Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.
CVE-2016-1000220 Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.
CVE-2016-1000219 Kibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and authorization headers could be written to the log files. This information could be used to hijack sessions [...]
CVE-2016-1000218 Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a [...]
CVE-2016-1000217 Zotpress plugin for WordPress SQLi in zp_get_account()
CVE-2016-1000216 Ruckus Wireless H500 web management interface authenticated command injection
CVE-2016-1000215 Ruckus Wireless H500 web management interface denial of service
CVE-2016-1000214 Ruckus Wireless H500 web management interface authentication bypass
CVE-2016-1000213 Ruckus Wireless H500 web management interface CSRF
CVE-2016-1000156 Mailcwp remote file upload vulnerability incomplete fix v1.100
CVE-2016-1000155 Reflected XSS in wordpress plugin wpsolr-search-engine v7.6
CVE-2016-1000154 Reflected XSS in wordpress plugin whizz v1.0.7
CVE-2016-1000153 Reflected XSS in wordpress plugin tidio-gallery v1.1
CVE-2016-1000152 Reflected XSS in wordpress plugin tidio-form v1.0
CVE-2016-1000151 Reflected XSS in wordpress plugin tera-charts v1.0
CVE-2016-1000150 Reflected XSS in wordpress plugin simplified-content v1.0.0
CVE-2016-1000149 Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
CVE-2016-1000148 Reflected XSS in wordpress plugin s3-video v0.983
CVE-2016-1000147 Reflected XSS in wordpress plugin recipes-writer v1.0.4
CVE-2016-1000146 Reflected XSS in wordpress plugin pondol-formmail v1.1
CVE-2016-1000145 Reflected XSS in wordpress plugin pondol-carousel v1.0
CVE-2016-1000144 Reflected XSS in wordpress plugin photoxhibit v2.1.8
CVE-2016-1000143 Reflected XSS in wordpress plugin photoxhibit v2.1.8
CVE-2016-1000142 Reflected XSS in wordpress plugin parsi-font v4.2.5
CVE-2016-1000141 Reflected XSS in wordpress plugin page-layout-builder v1.9.3
CVE-2016-1000140 Reflected XSS in wordpress plugin new-year-firework v1.1.9
CVE-2016-1000139 Reflected XSS in wordpress plugin infusionsoft v1.5.11
CVE-2016-1000138 Reflected XSS in wordpress plugin indexisto v1.0.5
CVE-2016-1000137 Reflected XSS in wordpress plugin hero-maps-pro v2.1.0
CVE-2016-1000136 Reflected XSS in wordpress plugin heat-trackr v1.0
CVE-2016-1000135 Reflected XSS in wordpress plugin hdw-tube v1.2
CVE-2016-1000134 Reflected XSS in wordpress plugin hdw-tube v1.2
CVE-2016-1000133 Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1
CVE-2016-1000132 Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8
CVE-2016-1000131 Reflected XSS in wordpress plugin e-search v1.0
CVE-2016-1000130 Reflected XSS in wordpress plugin e-search v1.0
CVE-2016-1000129 Reflected XSS in wordpress plugin defa-online-image-protector v3.3
CVE-2016-1000128 Reflected XSS in wordpress plugin anti-plagiarism v3.60
CVE-2016-1000127 Reflected XSS in wordpress plugin ajax-random-post v2.00
CVE-2016-1000126 Reflected XSS in wordpress plugin admin-font-editor v1.8
CVE-2016-1000125 Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
CVE-2016-1000124 Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
CVE-2016-1000123 Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
CVE-2016-1000122 XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
CVE-2016-1000121 XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
CVE-2016-1000120 SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
CVE-2016-1000119 SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
CVE-2016-1000118 XSS & SQLi in HugeIT slideshow v1.0.4
CVE-2016-1000117 XSS & SQLi in HugeIT slideshow v1.0.4
CVE-2016-1000116 Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
CVE-2016-1000115 Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
CVE-2016-1000114 XSS in huge IT gallery v1.1.5 for Joomla
CVE-2016-1000113 XSS and SQLi in huge IT gallery v1.1.5 for Joomla
CVE-2016-1000112 Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin
CVE-2016-1000111 Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the [...]
CVE-2016-1000110 The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
CVE-2016-1000109 HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment [...]
CVE-2016-1000108 yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY [...]
CVE-2016-1000107 inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, [...]
CVE-2016-1000104 A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.
CVE-2016-1000037 Pagure: XSS possible in file attachment endpoint
CVE-2016-1000033 Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
CVE-2016-1000032 TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a missing nonce allowing attackers to use a single solved CAPTCHA multiple times.
CVE-2016-1000031 Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
CVE-2016-1000030 Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can [...]
CVE-2016-1000029 Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).
CVE-2016-1000028 Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).
CVE-2016-1000027 Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a [...]
CVE-2016-1000009 TP-LINK lost control of two domains, www.tplinklogin.net and tplinkextender.net. Please note that these domains are physically printed on many of the devices.
CVE-2016-1000007 Pagure 2.2.1 XSS in raw file endpoint
CVE-2016-1000006 hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
CVE-2016-1000005 mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to [...]
CVE-2016-1000004 Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0 [...]
CVE-2016-1000003 Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code.
CVE-2016-1000002 gdm3 3.14.2 and possibly later has an information leak before screen lock
CVE-2016-1000001 flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect
CVE-2016-1000000 Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
CVE-2016-20009 ** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no [...]
CVE-2016-20008 The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20007 The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20006 The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20005 The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20004 The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20003 The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20002 The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20001 The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-11086 lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof [...]
CVE-2016-11085 php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js [...]
CVE-2016-11084 An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.
CVE-2016-11083 An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.
CVE-2016-11082 An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.
CVE-2016-11081 An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.
CVE-2016-11080 An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.
CVE-2016-11079 An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
CVE-2016-11078 An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.
CVE-2016-11077 An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.
CVE-2016-11076 An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.
CVE-2016-11075 An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.
CVE-2016-11074 An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
CVE-2016-11073 An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.
CVE-2016-11072 An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.
CVE-2016-11071 An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
CVE-2016-11070 An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
CVE-2016-11069 An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
CVE-2016-11068 An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
CVE-2016-11067 An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.
CVE-2016-11066 An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.
CVE-2016-11065 An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.
CVE-2016-11064 An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVE-2016-11063 An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.
CVE-2016-11062 An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
CVE-2016-11061 Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the [...]
CVE-2016-11060 Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10.
CVE-2016-11059 Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, [...]
CVE-2016-11058 The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.
CVE-2016-11057 Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, [...]
CVE-2016-11056 Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier.
CVE-2016-11055 Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 [...]
CVE-2016-11054 NETGEAR DGN2200v4 devices before 2017-01-06 are affected by command execution and an FTP insecure root directory.
CVE-2016-11053 An issue was discovered on Samsung mobile devices with software through 2015-11-11 (supporting FRP/RL). There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5131 (January [...]
CVE-2016-11052 An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is [...]
CVE-2016-11050 An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is [...]
CVE-2016-11049 An issue was discovered on Samsung mobile devices with software through 2016-01-16 (Shannon333/308/310 chipsets). The IMEI may be retrieved and modified because of an error in managing key [...]
CVE-2016-11048 An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March [...]
CVE-2016-11047 An issue was discovered on Samsung mobile devices with JBP(4.2) and KK(4.4) (Marvell chipsets) software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. [...]
CVE-2016-11046 An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls [...]
CVE-2016-11045 An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).
CVE-2016-11044 An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The [...]
CVE-2016-11043 An issue was discovered on Samsung mobile devices with M(6.0) software. The S/MIME implementation in EAS uses DES (where 3DES is intended). The Samsung ID is SVE-2016-5871 (June 2016).
CVE-2016-11042 An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016).
CVE-2016-11041 An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).
CVE-2016-11040 An issue was discovered on Samsung mobile devices with L(5.0/5.1) (with USB OTG MyFile2014_L_ESS support) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5068 [...]
CVE-2016-11039 An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (AP + CP MDM9x35, or Qualcomm Onechip) software. There is a NULL pointer dereference issue in the IPC socket [...]
CVE-2016-11038 An issue was discovered on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for [...]
CVE-2016-11036 An issue was discovered on Samsung mobile devices with M(6.0) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-6008 (August 2016).
CVE-2016-11035 An issue was discovered on Samsung mobile devices with software through 2016-05-27 (Exynos AP chipsets). A local graphics user can cause a Kernel Crash via the fb0(DECON) frame buffer interface. The [...]
CVE-2016-11034 An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The [...]
CVE-2016-11033 An issue was discovered on Samsung mobile devices with M(6.0) software. There is a heap-based buffer overflow in tlc_server. The Samsung IDs are SVE-2016-7220 and SVE-2016-7225 (November 2016).
CVE-2016-11032 An issue was discovered on Samsung mobile devices with M(6.0) software. An attacker can disable all Sound functionality by broadcasting an unprotected intent. The Samsung IDs are SVE-2016-7179 and [...]
CVE-2016-11031 An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016).
CVE-2016-11030 An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, [...]
CVE-2016-11029 An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The [...]
CVE-2016-11028 An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are [...]
CVE-2016-11027 An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is [...]
CVE-2016-11026 An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The [...]
CVE-2016-11025 An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a memcpy heap-based buffer overflow in the OTP service. The Samsung ID is [...]
CVE-2016-11024 odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2016-11023 odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2016-11022 NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to [...]
CVE-2016-11021 setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
CVE-2016-11020 Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.
CVE-2016-11018 An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is [...]
CVE-2016-11017 The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a [...]
CVE-2016-11016 NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.
CVE-2016-11015 NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
CVE-2016-11014 NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
CVE-2016-11013 The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS.
CVE-2016-11012 The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS.
CVE-2016-11011 The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation.
CVE-2016-11010 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.
CVE-2016-11009 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.
CVE-2016-11008 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
CVE-2016-11007 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
CVE-2016-11006 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
CVE-2016-11005 The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS.
CVE-2016-11004 The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation.
CVE-2016-11003 The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation.
CVE-2016-11002 The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation.
CVE-2016-11001 The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.
CVE-2016-11000 The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter.
CVE-2016-10999 The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter.
CVE-2016-10998 The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS.
CVE-2016-10997 The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.
CVE-2016-10996 The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak.
CVE-2016-10995 The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.
CVE-2016-10994 The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter.
CVE-2016-10993 The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter.
CVE-2016-10992 The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter.
CVE-2016-10991 The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclusion.
CVE-2016-10990 The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header.
CVE-2016-10989 The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.
CVE-2016-10988 The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.
CVE-2016-10987 The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS.
CVE-2016-10986 The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumer_key, consumer_secret, access_token, and access_token_secret.
CVE-2016-10985 The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.
CVE-2016-10984 The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.
CVE-2016-10983 The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVE-2016-10982 The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.
CVE-2016-10981 The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.
CVE-2016-10980 The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.
CVE-2016-10979 The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS.
CVE-2016-10978 The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF.
CVE-2016-10977 The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.
CVE-2016-10976 The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS.
CVE-2016-10975 The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
CVE-2016-10974 The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
CVE-2016-10973 The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.
CVE-2016-10972 The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.
CVE-2016-10971 The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required.
CVE-2016-10970 The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.
CVE-2016-10969 The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
CVE-2016-10968 The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation.
CVE-2016-10967 The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.
CVE-2016-10966 The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.
CVE-2016-10965 The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.
CVE-2016-10964 The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.
CVE-2016-10963 The icegram plugin before 1.9.19 for WordPress has XSS.
CVE-2016-10962 The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
CVE-2016-10961 The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
CVE-2016-10960 The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.
CVE-2016-10959 The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.
CVE-2016-10958 The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php.
CVE-2016-10957 The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.
CVE-2016-10956 The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
CVE-2016-10955 The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.
CVE-2016-10954 The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.
CVE-2016-10953 The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
CVE-2016-10952 The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
CVE-2016-10951 The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.
CVE-2016-10950 The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.
CVE-2016-10949 The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.
CVE-2016-10948 The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.
CVE-2016-10947 The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.
CVE-2016-10946 The wp-d3 plugin before 2.4.1 for WordPress has CSRF.
CVE-2016-10945 The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.
CVE-2016-10944 The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
CVE-2016-10943 The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter.
CVE-2016-10942 The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF.
CVE-2016-10941 The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.
CVE-2016-10940 The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
CVE-2016-10939 The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter.
CVE-2016-10938 The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location.
Page:


Copyright © 1999–2021, The MITRE Corporation

LICENSE

Submissions: For all materials you submit to the Common Vulnerabilities and Exposures (CVE®), you hereby grant to The MITRE Corporation (MITRE) and all CVE Numbering Authorities (CNAs) a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute such materials and derivative works. Unless required by applicable law or agreed to in writing, you provide such materials on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.

CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.

DISCLAIMERS

ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN PROVIDED BY MITRE ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.