|
276191
|
8.6 |
HIGH
Network
|
emc
|
avamar_server
|
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to …
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-0904
|
2024-11-21 11:42 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276192
|
9.1 |
CRITICAL
Network
|
emc
|
avamar_server
|
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data …
|
CWE-200
Information Exposure
|
CVE-2016-0903
|
2024-11-21 11:42 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276193
|
5.3 |
MEDIUM
Network
|
trane
|
tracer_sc
|
The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request.
|
CWE-200
Information Exposure
|
CVE-2016-0870
|
2024-11-21 11:42 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276194
|
9.8 |
CRITICAL
Network
|
pivotal
|
operations_manager
|
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH …
|
CWE-362
Race Condition
|
CVE-2016-0930
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276195
|
7.5 |
HIGH
Network
|
pivotal_software
|
rabbitmq
|
The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry (PCF) 1.6.x before 1.6.4 logs command lines of failed commands, which might allow context-dependent attackers to obtain sensitiv…
|
CWE-200
Information Exposure
|
CVE-2016-0929
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276196
|
7.4 |
HIGH
Network
|
pivotal
|
cloud_foundry_elastic_runtime
|
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct …
|
CWE-601
Open Redirect
|
CVE-2016-0928
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276197
|
6.1 |
MEDIUM
Network
|
pivotal_software
|
cloud_foundry_elastic_runtime
|
Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-0927
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276198
|
6.1 |
MEDIUM
Network
|
pivotal_software
|
cloud_foundry_elastic_runtime
|
Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2016-0926
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276199
|
7.5 |
HIGH
Network
|
dell
|
bsafe
|
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes …
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2016-0923
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276200
|
9.8 |
CRITICAL
Network
|
emc
|
vipr_srm
|
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.
|
CWE-285
Improper Authorization
|
CVE-2016-0922
|
2024-11-21 11:42 |
2016-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
