|
274001
|
7.8 |
HIGH
Local
|
apache
debian
|
pdfbox
debian_linux
|
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF.
|
NVD-CWE-Other
|
CVE-2016-2175
|
2024-11-21 11:47 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274002
|
7.5 |
HIGH
Network
|
hp
|
service_manager
|
HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Cata…
|
CWE-200
Information Exposure
|
CVE-2016-2025
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274003
|
5.5 |
MEDIUM
Local
|
hp
|
restful_interface_tool
|
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-2023
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274004
|
9.8 |
CRITICAL
Network
|
hp
|
release_control
|
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
CWE-284
Improper Access Control
|
CVE-2016-1999
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274005
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1887
|
2024-11-21 11:47 |
2016-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274006
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1886
|
2024-11-21 11:47 |
2016-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274007
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated u…
|
CWE-284
Improper Access Control
|
CVE-2016-2159
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274008
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attacke…
|
CWE-200
Information Exposure
|
CVE-2016-2158
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274009
|
8.8 |
HIGH
Network
|
moodle
|
moodle
|
Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 all…
|
CWE-352
Origin Validation Error
|
CVE-2016-2157
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274010
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 provides calendar-event data without considering whether an act…
|
CWE-200
Information Exposure
|
CVE-2016-2156
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
