|
266171
|
9.8 |
CRITICAL
Network
|
samsung
|
exynos_fimg2d
|
NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-6604
|
2024-11-21 11:56 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266172
|
7.5 |
HIGH
Network
|
atlassian
|
confluence_server
jira_integration_for_hipchat
|
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA …
|
CWE-200
Information Exposure
|
CVE-2016-6668
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266173
|
9.8 |
CRITICAL
Network
|
zohocorp
|
webnms_framework
|
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
|
CWE-20
Improper Input Validation
|
CVE-2016-6603
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266174
|
9.8 |
CRITICAL
Network
|
zohocorp
|
webnms_framework
|
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2016-6602
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266175
|
7.5 |
HIGH
Network
|
zohocorp
|
webnms_framework
|
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parame…
|
CWE-22
Path Traversal
|
CVE-2016-6601
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266176
|
9.8 |
CRITICAL
Network
|
zohocorp
|
webnms_framework
|
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the…
|
CWE-22
Path Traversal
|
CVE-2016-6600
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266177
|
9.1 |
CRITICAL
Network
|
doorkeeper_project
|
doorkeeper
|
The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specificat…
|
CWE-254
7PK - Security Features
|
CVE-2016-6582
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266178
|
8.8 |
HIGH
Network
|
gopivotal
|
grails
|
Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of …
|
CWE-352
Origin Validation Error
|
CVE-2016-6521
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266179
|
9.8 |
CRITICAL
Network
|
liferay
|
liferay
|
Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp.
|
CWE-22
Path Traversal
|
CVE-2016-6517
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266180
|
6.1 |
MEDIUM
Network
|
infoblox
|
netmri
|
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentTyp…
|
CWE-93
CRLF Injection
|
CVE-2016-6484
|
2024-11-21 11:56 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
