|
266231
|
6.1 |
MEDIUM
Network
|
sap
|
hybris
|
Cross-site scripting (XSS) vulnerability in the Inbox Search feature in Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6856
|
2024-11-21 11:56 |
2016-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266232
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6787
|
2024-11-21 11:56 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266233
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6786
|
2024-11-21 11:56 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266234
|
7.8 |
HIGH
Local
|
ffmpeg
|
ffmpeg
|
The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6671
|
2024-11-21 11:56 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266235
|
8.1 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry
cloud_foundry_uaa
cloud_foundry_uaa_bosh
|
Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3…
|
CWE-287
Improper Authentication
|
CVE-2016-6659
|
2024-11-21 11:56 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266236
|
7.4 |
HIGH
Network
|
pivotal_software
|
cloud_foundry_ops_manager
cloud_foundry_elastic_runtime
|
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components. Users of affected versions should apply the following mitigation: Upgrade PCF Elastic Runt…
|
CWE-601
Open Redirect
|
CVE-2016-6657
|
2024-11-21 11:56 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266237
|
7.2 |
HIGH
Network
|
pivotal_software
|
greenplum
|
An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using GPHDFS protocol has a vulnerability whereby arbitrary commands can be injected into the system. In orde…
|
CWE-77
Command Injection
|
CVE-2016-6656
|
2024-11-21 11:56 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266238
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script cod…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6854
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266239
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file ex…
|
CWE-200
Information Exposure
|
CVE-2016-6852
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266240
|
5.5 |
MEDIUM
Local
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious…
|
CWE-254
7PK - Security Features
|
CVE-2016-6848
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
