|
265891
|
7.5 |
HIGH
Network
|
debian
sensiolabs
|
debian_linux
symfony
|
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the par…
|
CWE-310
Cryptographic Issues
|
CVE-2016-1902
|
2024-11-21 11:47 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265892
|
7.8 |
HIGH
Local
|
apache
debian
|
pdfbox
debian_linux
|
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF.
|
NVD-CWE-Other
|
CVE-2016-2175
|
2024-11-21 11:47 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265893
|
7.5 |
HIGH
Network
|
hp
|
service_manager
|
HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Cata…
|
CWE-200
Information Exposure
|
CVE-2016-2025
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265894
|
5.5 |
MEDIUM
Local
|
hp
|
restful_interface_tool
|
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-2023
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265895
|
9.8 |
CRITICAL
Network
|
hp
|
release_control
|
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
CWE-284
Improper Access Control
|
CVE-2016-1999
|
2024-11-21 11:47 |
2016-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265896
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1887
|
2024-11-21 11:47 |
2016-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265897
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1886
|
2024-11-21 11:47 |
2016-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265898
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated u…
|
CWE-284
Improper Access Control
|
CVE-2016-2159
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265899
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attacke…
|
CWE-200
Information Exposure
|
CVE-2016-2158
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265900
|
8.8 |
HIGH
Network
|
moodle
|
moodle
|
Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 all…
|
CWE-352
Origin Validation Error
|
CVE-2016-2157
|
2024-11-21 11:47 |
2016-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
