Lucene search
+L

7 matches found

debian
debian
added 2016/09/29 8:7 p.m.120 views

[SECURITY] [DSA 3681-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3681-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez September 29, 2016 https://www.debian.org/security/faq -...

8.8CVSS7.1AI score0.04565EPSS
Exploits0
nessus
nessus
added 2016/09/23 12:0 a.m.45 views

Debian DLA-633-1 : wordpress security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2015-8834: Cross-site scripting XSS vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject...

8.8CVSS6.6AI score0.17945EPSS
Exploits1References9
debian
debian
added 2016/09/22 8:12 p.m.56 views

[SECURITY] [DLA 633-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u12 CVE ID : CVE-2015-8834 CVE-2016-4029 CVE-2016-5836 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168 CVE-2016-7169 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the...

8.8CVSS9.2AI score0.17945EPSS
Exploits1
osv
osv
added 2016/08/07 4:59 p.m.8 views

CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

8.6CVSS8.4AI score
Exploits0References5
osv
osv
added 2016/08/07 4:59 p.m.5 views

UBUNTU-CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

8.6CVSS7.3AI score0.04565EPSS
Exploits0References4
cve
cve
added 2016/08/07 4:0 p.m.99 views

CVE-2016-4029

WordPress before 4.5 is vulnerable to SSRF bypass because it does not recognize octal/hex IP formats when determining intranet addresses, allowing remote attackers to bypass the SSRF protection mechanism via a crafted address. Affected software: WordPress core; root cause: IP parsing/validation g...

8.6CVSS8.1AI score0.04565EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2016/08/07 4:0 p.m.30 views

CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

8.3AI score0.04565EPSS
Exploits0References5
Rows per page
Query Builder