|
266021
|
9.8 |
CRITICAL
Network
|
hp
|
data_protector
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
|
NVD-CWE-noinfo
|
CVE-2016-2005
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266022
|
9.8 |
CRITICAL
Network
|
hp
|
data_protector
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulner…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2016-2004
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266023
|
9.8 |
CRITICAL
Network
|
hp
|
xp7_command_view_advanced_edition_suite
p9000_command_view_advanced_edition_software
|
HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted seriali…
|
NVD-CWE-Other
|
CVE-2016-2003
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266024
|
9.8 |
CRITICAL
Network
|
hp
|
vertica
|
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary …
|
CWE-77
Command Injection
|
CVE-2016-2002
|
2024-11-21 11:47 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266025
|
7.5 |
HIGH
Network
|
fedoraproject
uninett
|
fedora
mod_auth_mellon
|
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2146
|
2024-11-21 11:47 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266026
|
7.5 |
HIGH
Network
|
fedoraproject
uninett
|
fedora
mod_auth_mellon
|
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmen…
|
CWE-20
Improper Input Validation
|
CVE-2016-2145
|
2024-11-21 11:47 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266027
|
7.6 |
HIGH
Network
|
vmware
|
vcenter_server
vcloud_director
vcloud_automation_identity_appliance
|
Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles ses…
|
CWE-287
Improper Authentication
|
CVE-2016-2076
|
2024-11-21 11:47 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266028
|
6.1 |
MEDIUM
Network
|
redhat
|
satellite
|
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the list_1680466951_oldfilterval parameter to systems/…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2103
|
2024-11-21 11:47 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266029
|
5.4 |
MEDIUM
Network
|
debian
xymon
|
debian_linux
xymon
|
Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients to inject arbitrary web script or HTML via a status-message, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2058
|
2024-11-21 11:47 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266030
|
3.3 |
LOW
Local
|
xymon
debian
|
xymon
debian_linux
|
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2057
|
2024-11-21 11:47 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
