High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| dotcms -- dotcms | SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote unauthenticated attackers to execute arbitrary SQL commands via the sort parameter. | 2016-11-14 | | |
| emc -- avamar_data_store | EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to compromise by malicious users. | 2016-11-15 | | |
| exponentcms -- exponent_cms | In /framework/modules/notfound/<br>Exponent CMS is an Open Source Content Management System, based on PHP, MySQL and the Exponent Framework. Dynamic CMS Content Management Solution with Enterprise Level Content Management Features. | 2016-11-15 | | |
| linux -- linux_kernel | The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field. | 2016-11-16 | | |
| : Many similar cases | | | | |
| objective_development -- little_snitch | Little Snitch versions 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited, which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls. | 2016-11-15 | | |
| samsung -- samsung_mobile | Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. | 2016-11-11 | | |