Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-31 | CVE-2016-8856 | Permission Issues vulnerability in Foxitsoftware Reader 2.1.0.0804/2.1.0.0805 Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. | 7.8 |
| 2016-10-31 | CVE-2016-7991 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. | 7.5 |
| 2016-10-31 | CVE-2016-7990 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542. | 9.8 |
| 2016-10-31 | CVE-2016-7989 | 7PK - Security Features vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. | 7.5 |
| 2016-10-31 | CVE-2016-7988 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542. | 7.5 |
| 2016-10-31 | CVE-2016-7965 | Improper Input Validation vulnerability in Dokuwiki DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. | 6.5 |
| 2016-10-31 | CVE-2016-7964 | Server-Side Request Forgery (SSRF) vulnerability in Dokuwiki 20160626A The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. | 8.6 |
| 2016-10-30 | CVE-2016-9118 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg 2.1.2 Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. | 5.3 |
| 2016-10-30 | CVE-2016-9117 | NULL Pointer Dereference vulnerability in Uclouvain Openjpeg 2.1.2 NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. | 6.5 |
| 2016-10-30 | CVE-2016-9116 | NULL Pointer Dereference vulnerability in Uclouvain Openjpeg 2.1.2 NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. | 6.5 |