| 266321 | 6.1 | MEDIUM Network | fortinet | fortios | The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks… | CWE-79 Cross-site Scripting | CVE-2016-3978 | 2024-11-21 11:51 | 2016-04-8 |
| 266322 | 6.1 | MEDIUM Network | sap | netweaver_application_server_java | Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/… | CWE-79 Cross-site Scripting | CVE-2016-3975 | 2024-11-21 11:51 | 2016-04-8 |
| 266323 | 9.1 | CRITICAL Network | sap | netweaver_application_server_java | XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access… | CWE-611 XXE | CVE-2016-3974 | 2024-11-21 11:51 | 2016-04-8 |
| 266324 | 5.3 | MEDIUM Network | sap | netweaver_application_server_java | The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/… | CWE-200 Information Exposure | CVE-2016-3973 | 2024-11-21 11:51 | 2016-04-8 |
| 266325 | 7.5 | HIGH Network | squid-cache | squid | Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers. | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2016-3948 | 2024-11-21 11:51 | 2016-04-8 |
| 266326 | 8.2 | HIGH Network | squid-cache, canonical | squid, ubuntu_linux | Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performan… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2016-3947 | 2024-11-21 11:51 | 2016-04-8 |
| 266327 | 6.1 | MEDIUM Network | mcafee | email_gateway | Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x before 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote attackers to inject… | CWE-79 Cross-site Scripting | CVE-2016-3969 | 2024-11-21 11:51 | 2016-04-7 |
| 266328 | 6.1 | MEDIUM Network | sophos | cyberoam_cr100ing_utm_firmware, cyberoam_cr35ing_utm_firmware | Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35i… | CWE-79 Cross-site Scripting | CVE-2016-3968 | 2024-11-21 11:51 | 2016-04-7 |
| 266329 | 6.1 | MEDIUM Network | xmlsoft | libxml2 | Possible cross-site scripting vulnerability in libxml after commit 960f0e2. | CWE-79 Cross-site Scripting | CVE-2016-3709 | 2024-11-21 11:50 | 2022-07-29 |
| 266330 | 8.1 | HIGH Network | piwigo | piwigo | Piwigo is image gallery software written in PHP. When a criterion is not met on a host, piwigo defaults to using mt_rand in order to generate password reset tokens. mt_rand output can be predicted afte… | CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | CVE-2016-3735 | 2024-11-21 11:50 | 2022-01-29 |