Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project 2016 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-8686
The bm_new function in bitmap.h in potrace 1.13 allows remote malicious users to have unspecified impact via a crafted image, which triggers a memory allocation failure.
Potrace Project Potrace
9.8
CVSSv3
CVE-2016-10194
The festivaltts4r gem for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.
Festivaltts4r Project Festivaltts4r
7.8
CVSSv3
CVE-2016-10320
textract prior to 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files.
Textract Project Textract
7.8
CVSSv3
CVE-2016-10369
unixsocket.c in lxterminal up to and including 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
Lxterminal Project Lxterminal
6.1
CVSSv3
CVE-2016-10910
The formbuilder plugin prior to 1.06 for WordPress has multiple XSS issues.
Formbuilder Project Formbuilder
5.9
CVSSv3
CVE-2016-10933
An issue exists in the portaudio crate up to and including 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP.
Portaudio Project Portaudio
6.1
CVSSv3
CVE-2016-10006
In OWASP AntiSamy prior to 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.
Antisamy Project Antisamy
7.8
CVSSv3
CVE-2016-10081
/usr/bin/shutter in Shutter up to and including 0.93.1 allows user-assisted remote malicious users to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.
Shutter-project Shutter
1 EDB exploit
7.8
CVSSv3
CVE-2016-10117
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
Firejail Project Firejail -
7.8
CVSSv3
CVE-2016-10119
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
Firejail Project Firejail -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »