|
266091
|
5.3 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp
|
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-3124
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266092
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_system_manager
|
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified ve…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2016-3063
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266093
|
5.5 |
MEDIUM
Local
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specia…
|
CWE-284
Improper Access Control
|
CVE-2016-3020
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266094
|
5.5 |
MEDIUM
Local
|
uclouvain
|
openjpeg
|
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-3183
|
2024-11-21 11:49 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266095
|
5.4 |
MEDIUM
Network
|
ibm
|
biginsights
|
IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2992
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266096
|
7.5 |
HIGH
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.
|
CWE-284
Improper Access Control
|
CVE-2016-2942
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266097
|
5.5 |
MEDIUM
Local
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user.
|
CWE-200
Information Exposure
|
CVE-2016-2941
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266098
|
5.4 |
MEDIUM
Network
|
ibm
|
biginsights
|
IBM Infosphere BigInsights is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted UR…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2924
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266099
|
7.8 |
HIGH
Local
|
ibm
|
aix
|
IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3053
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266100
|
2.7 |
LOW
Network
|
ibm
|
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end da…
|
CWE-89
SQL Injection
|
CVE-2016-3046
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
