|
266011
|
7.4 |
HIGH
Network
|
samba
canonical
|
samba
ubuntu_linux
|
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and …
|
CWE-310
Cryptographic Issues
|
CVE-2016-2113
|
2024-11-21 11:47 |
2016-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266012
|
5.9 |
MEDIUM
Network
|
samba
canonical
|
samba
ubuntu_linux
|
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-midd…
|
CWE-254
7PK - Security Features
|
CVE-2016-2112
|
2024-11-21 11:47 |
2016-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266013
|
6.3 |
MEDIUM
Local
|
samba
canonical
|
samba
ubuntu_linux
|
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a se…
|
CWE-254
7PK - Security Features
|
CVE-2016-2111
|
2024-11-21 11:47 |
2016-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266014
|
5.9 |
MEDIUM
Network
|
samba
canonical
|
samba
ubuntu_linux
|
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by mo…
|
CWE-254
7PK - Security Features
|
CVE-2016-2110
|
2024-11-21 11:47 |
2016-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266015
|
6.1 |
MEDIUM
Network
|
blackberry
|
enterprise_server
|
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted …
|
CWE-79
Cross-site Scripting
|
CVE-2016-1918
|
2024-11-21 11:47 |
2016-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266016
|
6.1 |
MEDIUM
Network
|
blackberry
|
enterprise_server
|
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted …
|
CWE-79
Cross-site Scripting
|
CVE-2016-1917
|
2024-11-21 11:47 |
2016-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266017
|
5.4 |
MEDIUM
Network
|
blackberry
|
enterprise_server
|
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by l…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1916
|
2024-11-21 11:47 |
2016-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266018
|
9.8 |
CRITICAL
Network
|
hp
|
data_protector
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-2008
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266019
|
9.8 |
CRITICAL
Network
|
hp
|
data_protector
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
|
NVD-CWE-noinfo
|
CVE-2016-2007
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266020
|
9.8 |
CRITICAL
Network
|
hp
|
data_protector
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
|
NVD-CWE-noinfo
|
CVE-2016-2006
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
