|
266061
|
9.1 |
CRITICAL
Network
|
ibm
|
security_access_manager_9.0_firmware
security_access_manager_for_mobile_8.0_firmware
security_access_manager_for_web_8.0_firmware
|
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker…
|
CWE-611
XXE
|
CVE-2016-2908
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266062
|
5.6 |
MEDIUM
Network
|
saltstack
|
salt
|
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with …
|
CWE-287
Improper Authentication
|
CVE-2016-3176
|
2024-11-21 11:49 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266063
|
9.8 |
CRITICAL
Network
|
giflib_project
|
giflib
|
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
|
CWE-415
CWE-416
Double Free
Use After Free
|
CVE-2016-3177
|
2024-11-21 11:49 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266064
|
9.8 |
CRITICAL
Network
|
ivanti
|
landesk_management_suite
|
Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a lar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3147
|
2024-11-21 11:49 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266065
|
9.1 |
CRITICAL
Network
|
synacor
|
zimbra_collaboration_suite
|
Zimbra Collaboration before 8.7.0 allows remote attackers to conduct deserialization attacks via unspecified vectors, aka bug 102276.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-3415
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266066
|
6.5 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 allows remote authenticated users to affect availability via unknown vectors, aka bug 102029.
|
NVD-CWE-noinfo
|
CVE-2016-3414
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266067
|
7.5 |
HIGH
Network
|
synacor
|
zimbra_collaboration_suite
|
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996.
|
NVD-CWE-noinfo
|
CVE-2016-3413
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266068
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3412
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266069
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
|
CWE-79
Cross-site Scripting
|
CVE-2016-3411
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266070
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103956, 103995…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3410
|
2024-11-21 11:49 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
