Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-20
Total 10860 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11040 1 Google 1 Android 2024-11-21 2.1 LOW 4.6 MEDIUM
An issue was discovered on Samsung mobile devices with L(5.0/5.1) (with USB OTG MyFile2014_L_ESS support) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5068 (June 2016).
CVE-2016-11032 1 Google 1 Android 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Samsung mobile devices with M(6.0) software. An attacker can disable all Sound functionality by broadcasting an unprotected intent. The Samsung IDs are SVE-2016-7179 and SVE-2016-7182 (November 2016).
CVE-2016-11031 1 Google 1 Android 2024-11-21 7.8 HIGH 7.5 HIGH
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016).
CVE-2016-10991 1 Imdb-widget Project 1 Imdb-widget 2024-11-21 5.0 MEDIUM 7.5 HIGH
The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclusion.
CVE-2016-10960 1 Joomlaserviceprovider 1 Wsecure 2024-11-21 6.5 MEDIUM 8.8 HIGH
The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.
CVE-2016-10956 1 Mail-masta Project 1 Mail-masta 2024-11-21 5.0 MEDIUM 7.5 HIGH
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
CVE-2016-10948 1 Post Indexer Project 1 Post Indexer 2024-11-21 6.8 MEDIUM 8.1 HIGH
The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.
CVE-2016-10930 1 Wpsupportplus 1 Wp Support Plus Responsive Ticket System 2024-11-21 7.5 HIGH 9.8 CRITICAL
The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number.
CVE-2016-10899 1 Fabrix 1 Total Security 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability.
CVE-2016-10858 1 Cpanel 1 Cpanel 2024-11-21 9.3 HIGH 9.8 CRITICAL
cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64).
CVE-2016-10855 1 Cpanel 1 Cpanel 2024-11-21 10.0 HIGH 9.8 CRITICAL
cPanel before 11.54.0.4 allows unauthenticated arbitrary code execution via cpsrvd (SEC-91).
CVE-2016-10850 1 Cpanel 1 Cpanel 2024-11-21 9.0 HIGH 8.8 HIGH
cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).
CVE-2016-10842 1 Cpanel 1 Cpanel 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
cPanel before 11.54.0.4 allows certain file-read operations in bin/setup_global_spam_filter.pl (SEC-74).
CVE-2016-10824 1 Cpanel 1 Cpanel 2024-11-21 9.3 HIGH 9.8 CRITICAL
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
CVE-2016-10823 1 Cpanel 1 Cpanel 2024-11-21 9.0 HIGH 8.8 HIGH
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).
CVE-2016-10816 1 Cpanel 1 Cpanel 2024-11-21 6.5 MEDIUM 8.8 HIGH
cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
CVE-2016-10814 1 Cpanel 1 Cpanel 2024-11-21 6.5 MEDIUM 8.8 HIGH
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
CVE-2016-10812 1 Cpanel 1 Cpanel 2024-11-21 9.0 HIGH 8.8 HIGH
In cPanel before 57.9999.54, /scripts/enablefileprotect exposed TTYs (SEC-117).
CVE-2016-10808 1 Cpanel 1 Cpanel 2024-11-21 9.0 HIGH 8.8 HIGH
In cPanel before 57.9999.54, /scripts/addpop and /scripts/delpop exposed TTYs (SEC-113).
CVE-2016-10807 1 Cpanel 1 Cpanel 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112).