|
268901
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance_\(wsa\)
|
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug…
|
CWE-399
Resource Management Errors
|
CVE-2016-1383
|
2024-11-21 11:46 |
2016-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268902
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance_\(wsa\)
|
Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (…
|
CWE-20
Improper Input Validation
|
CVE-2016-1382
|
2024-11-21 11:46 |
2016-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268903
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range …
|
CWE-399
Resource Management Errors
|
CVE-2016-1381
|
2024-11-21 11:46 |
2016-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268904
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo1…
|
CWE-20
Improper Input Validation
|
CVE-2016-1380
|
2024-11-21 11:46 |
2016-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268905
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1564
|
2024-11-21 11:46 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268906
|
7.5 |
HIGH
Network
|
cisco
|
identity_services_engine_software
|
The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a …
|
CWE-287
CWE-119
Improper Authentication
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1402
|
2024-11-21 11:46 |
2016-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268907
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_computing_system_central_software
|
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1401
|
2024-11-21 11:46 |
2016-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268908
|
7.8 |
HIGH
Local
|
apple
|
itunes
|
Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1742
|
2024-11-21 11:46 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268909
|
8.1 |
HIGH
Network
|
google
|
chrome
|
Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/esc…
|
CWE-22
Path Traversal
|
CVE-2016-1671
|
2024-11-21 11:46 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268910
|
5.3 |
MEDIUM
Network
|
google
opensuse
debian
|
chrome
opensuse
debian_linux
|
Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to mak…
|
CWE-362
Race Condition
|
CVE-2016-1670
|
2024-11-21 11:46 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
