|
268101
|
6.1 |
MEDIUM
Network
|
emc
|
vipr_srm
|
Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files.
|
CWE-352
Origin Validation Error
|
CVE-2016-6642
|
2024-11-21 11:56 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268102
|
7.6 |
HIGH
Network
|
emc
|
vipr_srm
|
Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-6641
|
2024-11-21 11:56 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268103
|
7.5 |
HIGH
Network
|
cloudfoundry
pivotal
|
php-buildpack
cloud_foundry_elastic_runtime
|
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and…
|
CWE-254
7PK - Security Features
|
CVE-2016-6639
|
2024-11-21 11:56 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268104
|
5.3 |
MEDIUM
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value.
|
CWE-264
CWE-200
Permissions, Privileges, and Access Controls
Information Exposure
|
CVE-2016-6644
|
2024-11-21 11:56 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268105
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges…
|
CWE-399
Resource Management Errors
|
CVE-2016-6407
|
2024-11-21 11:56 |
2016-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268106
|
5.3 |
MEDIUM
Adjacent
|
cisco
|
carrier_routing_system
|
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafte…
|
CWE-399
Resource Management Errors
|
CVE-2016-6401
|
2024-11-21 11:56 |
2016-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268107
|
7.5 |
HIGH
Network
|
cisco
|
ace_application_control_engine_module_a3
ace_4700_series_application_control_engine_appliance_a3
ace_4700_series_application_control_engine_appliance_a4
ace_4700_series_application_control_e…
|
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via …
|
CWE-20
Improper Input Validation
|
CVE-2016-6399
|
2024-11-21 11:56 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268108
|
5.3 |
MEDIUM
Network
|
cisco
|
ios
|
The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet d…
|
CWE-200
Information Exposure
|
CVE-2016-6398
|
2024-11-21 11:56 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268109
|
5.3 |
MEDIUM
Network
|
cisco
|
firesight_system_software
|
Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafte…
|
CWE-20
Improper Input Validation
|
CVE-2016-6396
|
2024-11-21 11:56 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268110
|
5.4 |
MEDIUM
Network
|
cisco
|
firesight_system_software
|
Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated use…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6395
|
2024-11-21 11:56 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
