| ID | CVSS | Severity | Attack vector | Vendor | Product | Description | CWE | CVE | Last modified | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 265491 | 6.1 | MEDIUM | Network | sap | java_as | Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remote attackers to inject arbitrary web script or HTML via the title par… | CWE-79 Cross-site Scripting | CVE-2016-4016 | 2024-11-21 11:51 | 2016-04-14 |
| 265492 | 7.5 | HIGH | Network | sap | netweaver | The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784. | NVD-CWE-noinfo | CVE-2016-4015 | 2024-11-21 11:51 | 2016-04-14 |
| 265493 | 8.6 | HIGH | Network | sap | netweaver | XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to ud… | NVD-CWE-Other | CVE-2016-4014 | 2024-11-21 11:51 | 2016-04-14 |
| 265494 | 9.8 | CRITICAL | Network | python | pillow | Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, whic… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2016-4009 | 2024-11-21 11:51 | 2016-04-14 |
| 265495 | 8.8 | HIGH | Network | opensuse, debian, optipng_project, canonical | leap, opensuse, debian_linux, optipng, ubuntu_linux | Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly e… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2016-3982 | 2024-11-21 11:51 | 2016-04-14 |
| 265496 | 7.8 | HIGH | Local | optipng_project, canonical, debian | optipng, ubuntu_linux, debian_linux | Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or p… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2016-3981 | 2024-11-21 11:51 | 2016-04-14 |
| 265497 | 9.8 | CRITICAL | Network | opensuse | leap, opensuse | Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via… | NVD-CWE-noinfo | CVE-2016-4007 | 2024-11-21 11:51 | 2016-04-13 |
| 265498 | 4.9 | MEDIUM | Network | dell | openmanage_server_administrator | Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file param… | CWE-22 Path Traversal | CVE-2016-4004 | 2024-11-21 11:51 | 2016-04-13 |
| 265499 | 6.1 | MEDIUM | Network | apache | struts | Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to i… | CWE-79 Cross-site Scripting | CVE-2016-4003 | 2024-11-21 11:51 | 2016-04-13 |
| 265500 | 9.8 | CRITICAL | Network | trendmicro | password_manager | The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB. | CWE-284 Improper Access Control | CVE-2016-3987 | 2024-11-21 11:51 | 2016-04-12 |