|
266311
|
4.9 |
MEDIUM
Network
|
dell
|
openmanage_server_administrator
|
Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file param…
|
CWE-22
Path Traversal
|
CVE-2016-4004
|
2024-11-21 11:51 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266312
|
6.1 |
MEDIUM
Network
|
apache
|
struts
|
Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4003
|
2024-11-21 11:51 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266313
|
9.8 |
CRITICAL
Network
|
trendmicro
|
password_manager
|
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
|
CWE-284
Improper Access Control
|
CVE-2016-3987
|
2024-11-21 11:51 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266314
|
7.8 |
HIGH
Local
|
avast
|
avast
|
Avast allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted PE file, related to authenticode parsing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3986
|
2024-11-21 11:51 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266315
|
6.5 |
MEDIUM
Network
|
pulsesecure
|
pulse_connect_secure
|
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access re…
|
CWE-284
Improper Access Control
|
CVE-2016-3985
|
2024-11-21 11:51 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266316
|
5.1 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
agent
virusscan_enterprise
host_intrusion_prevention
active_response
data_exchange_layer
endpoint_security
|
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1,…
|
CWE-284
Improper Access Control
|
CVE-2016-3984
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266317
|
7.5 |
HIGH
Network
|
mcafee
|
advanced_threat_defense
|
McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-3983
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266318
|
5.3 |
MEDIUM
Network
|
siemens
|
scalance_s613
|
Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443.
|
NVD-CWE-Other
|
CVE-2016-3963
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266319
|
7.5 |
HIGH
Network
|
sap
|
application_server_java
|
The Java Startup Framework (aka jstart) in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted HTTP request, aka SAP Security Note 2259547.
|
CWE-20
Improper Input Validation
|
CVE-2016-3980
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266320
|
7.5 |
HIGH
Network
|
sap
|
java_as
|
Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service (heap memory corruption and process crash) via a crafted HTTP req…
|
CWE-20
Improper Input Validation
|
CVE-2016-3979
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
