Vulnerabilities > High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-11-14	CVE-2016-8906	SQL Injection vulnerability in Dotcms SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. network low complexity dotcms CWE-89	8.8
2016-11-14	CVE-2016-8905	SQL Injection vulnerability in Dotcms SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter. network low complexity dotcms CWE-89	8.8
2016-11-14	CVE-2016-8904	SQL Injection vulnerability in Dotcms SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. network low complexity dotcms CWE-89	8.8
2016-11-14	CVE-2016-8903	SQL Injection vulnerability in Dotcms SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. network low complexity dotcms CWE-89	8.8
2016-11-12	CVE-2016-9296	NULL Pointer Dereference vulnerability in 7-Zip P7Zip 16.02 A null pointer dereference bug affects the 16.02 and many old versions of p7zip. network low complexity 7-zip CWE-476	7.5
2016-11-12	CVE-2016-9294	NULL Pointer Dereference vulnerability in Artifex Mujs Artifex Software, Inc. network low complexity artifex CWE-476	7.5
2016-11-11	CVE-2016-9283	SQL Injection vulnerability in Exponentcms Exponent CMS 2.4.0 SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue. network low complexity exponentcms CWE-89	7.5
2016-11-11	CVE-2016-9282	SQL Injection vulnerability in Exponentcms Exponent CMS 2.4.0 SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter. network low complexity exponentcms CWE-89	7.5
2016-11-11	CVE-2016-9277	Integer Overflow or Wraparound vulnerability in Samsung Mobile 4.4/5.0/5.1 Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. network low complexity samsung CWE-190	7.5
2016-11-11	CVE-2016-9274	Untrusted Search Path vulnerability in GIT for Windows Project GIT for Windows Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. local low complexity git-for-windows-project CWE-426	7.8

Vulnerabilities > High {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"High"}]}

Vulnerabilities > High