Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2016-11-11 CVE-2016-9274 Untrusted Search Path vulnerability in GIT for Windows Project GIT for Windows
Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory.
local
low complexity
git-for-windows-project CWE-426
7.8
2016-11-11 CVE-2016-9272 SQL Injection vulnerability in Exponentcms Exponent CMS
A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service.
network
low complexity
exponentcms CWE-89
critical
9.1
2016-11-10 CVE-2016-5195 Race Condition vulnerability in multiple products
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
7.0
2016-11-10 CVE-2016-9268 Unrestricted Upload of File with Dangerous Type vulnerability in Dotclear
Unrestricted file upload vulnerability in the Blog appearance in the "Install or upgrade manually" module in Dotclear through 2.10.4 allows remote authenticated super-administrators to execute arbitrary code by uploading a theme file with a zip extension, and then accessing it via unspecified vectors.
network
low complexity
dotclear CWE-434
7.2
2016-11-10 CVE-2016-7148 Cross-site Scripting vulnerability in Moinmo Moinmoin 1.9.8
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
network
low complexity
moinmo CWE-79
6.1
2016-11-10 CVE-2016-7146 Cross-site Scripting vulnerability in Moinmo Moinmoin 1.9.8
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via page name) component.
network
low complexity
moinmo CWE-79
6.1
2016-11-10 CVE-2016-7490 Link Following vulnerability in Teradata Studio Express 15.12.00.00
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely.
local
low complexity
teradata CWE-59
7.8
2016-11-10 CVE-2016-7489 Permissions, Privileges, and Access Controls vulnerability in Teradata Virtual Machine 15.10
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner; this may lead to elevated code execution.
network
low complexity
teradata CWE-264
critical
9.8
2016-11-10 CVE-2016-7488 Permissions, Privileges, and Access Controls vulnerability in Teradata Virtual Machine 15.10
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr.
local
low complexity
teradata CWE-264
7.8
2016-11-10 CVE-2016-4095 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe CWE-119
critical
9.8