CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
8251 CVE-2016-0272 352 CSRF 2018-03-09 2018-03-26
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. IBM X-Force ID: 111052.
8252 CVE-2016-0264 119 Exec Code Overflow 2016-05-24 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.
8253 CVE-2016-0254 611 DoS 2017-06-07 2017-06-14
6.8
None Remote Low Single system None None Complete
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker could exploit this vulnerability to consume all available CPU resources and cause a denial of service. IBM X-Force ID: 110563.
8254 CVE-2016-0241 284 2016-10-21 2016-11-28
6.5
None Remote Low Single system Partial Partial Partial
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
8255 CVE-2016-0239 264 2016-10-21 2016-11-28
6.5
None Remote Low Single system Partial Partial Partial
IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors.
8256 CVE-2016-0233 89 Exec Code Sql 2016-06-27 2016-06-28
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
8257 CVE-2016-0226 284 +Priv 2016-03-28 2016-12-02
6.9
None Local Medium Not required Complete Complete Complete
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file.
8258 CVE-2016-0214 284 2017-02-08 2017-02-15
6.8
None Remote Medium Not required Partial Partial Partial
IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. A remote attacker could exploit this vulnerability to upload a malicious file. The only way that file would be executed would be through a phishing attack to trick an unsuspecting victim to execute the file.
8259 CVE-2016-0091 20 Exec Code 2016-03-09 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2016-0092.
8260 CVE-2016-0018 426 Exec Code +Priv 2016-01-13 2019-05-15
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
8261 CVE-2016-0007 264 +Priv 2016-01-13 2019-05-17
6.9
None Local Medium Not required Complete Complete Complete
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
8262 CVE-2016-0006 264 +Priv 2016-01-13 2019-05-17
6.9
None Local Medium Not required Complete Complete Complete
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0007.
8263 CVE-2015-1000009 284 2016-10-06 2016-10-26
6.4
None Remote Low Not required None Partial Partial
Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05
8264 CVE-2015-9477 276 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates.
8265 CVE-2015-9476 276 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates.
8266 CVE-2015-9465 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.
8267 CVE-2015-9462 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.
8268 CVE-2015-9461 89 Sql 2019-10-10 2019-10-11
6.5
None Remote Low Single system Partial Partial Partial
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.
8269 CVE-2015-9460 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter.
8270 CVE-2015-9458 89 Sql CSRF 2019-10-10 2019-10-11
6.5
None Remote Low Single system Partial Partial Partial
The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.
8271 CVE-2015-9454 89 Sql 2019-10-07 2019-10-10
6.5
None Remote Low Single system Partial Partial Partial
The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter.
8272 CVE-2015-9449 89 Sql 2019-09-25 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-general.php?page=microblogposter.php account_id parameter.
8273 CVE-2015-9448 89 Sql 2019-09-26 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
8274 CVE-2015-9446 89 Sql 2019-09-26 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.
8275 CVE-2015-9445 352 Sql CSRF 2019-09-26 2019-09-26
6.8
None Remote Medium Not required Partial Partial Partial
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.
8276 CVE-2015-9402 434 2019-09-20 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.
8277 CVE-2015-9400 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection.
8278 CVE-2015-9399 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.
8279 CVE-2015-9398 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.
8280 CVE-2015-9395 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.
8281 CVE-2015-9394 352 CSRF 2019-09-20 2019-09-20
6.8
None Remote Medium Not required Partial Partial Partial
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
8282 CVE-2015-9381 125 2019-09-03 2019-09-09
6.8
None Remote Medium Not required Partial Partial Partial
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
8283 CVE-2015-9380 352 CSRF 2019-08-30 2019-09-03
6.8
None Remote Medium Not required Partial Partial Partial
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
8284 CVE-2015-9353 89 Sql 2019-08-28 2019-09-09
6.5
None Remote Low Single system Partial Partial Partial
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.
8285 CVE-2015-9343 352 CSRF 2019-08-27 2019-08-29
6.8
None Remote Medium Not required Partial Partial Partial
The wp-rollback plugin before 1.2.3 for WordPress has CSRF.
8286 CVE-2015-9322 352 CSRF 2019-08-16 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF.
8287 CVE-2015-9309 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.
8288 CVE-2015-9308 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.
8289 CVE-2015-9307 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.
8290 CVE-2015-9292 352 CSRF 2019-08-08 2019-08-15
6.8
None Remote Medium Not required Partial Partial Partial
6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter).
8291 CVE-2015-9284 352 CSRF 2019-04-26 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
The request phase of the OmniAuth Ruby gem is vulnerable to Cross-Site Request Forgery when used as part of the Ruby on Rails framework, allowing accounts to be connected without user intent, user interaction, or feedback to the user. This permits a secondary account to be able to sign into the web application as the primary account.
8292 CVE-2015-9253 400 2018-02-19 2019-04-26
6.8
None Remote Low Single system None None Complete
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
8293 CVE-2015-9234 89 Sql 2017-09-29 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php.
8294 CVE-2015-9233 352 XSS CSRF 2017-09-29 2017-10-06
6.8
None Remote Medium Not required Partial Partial Partial
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.
8295 CVE-2015-9227 94 Exec Code File Inclusion 2017-09-11 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2.
8296 CVE-2015-9226 89 Exec Code Sql 2017-09-11 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php.
8297 CVE-2015-9016 362 2018-04-05 2018-05-02
6.9
None Local Medium Not required Complete Complete Complete
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.
8298 CVE-2015-8994 264 +Priv 2017-03-02 2017-03-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
8299 CVE-2015-8993 264 2017-03-14 2017-03-28
6.9
None Local Medium Not required Complete Complete Complete
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
8300 CVE-2015-8992 264 2017-03-14 2017-03-23
6.9
None Local Medium Not required Complete Complete Complete
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.