|
265631
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
|
CWE-19
Data Processing Errors
|
CVE-2016-3013
|
2024-11-21 11:49 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265632
|
7.3 |
HIGH
Network
|
jenkins
|
script_security
|
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set arra…
|
CWE-254
7PK - Security Features
|
CVE-2016-3102
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265633
|
5.4 |
MEDIUM
Network
|
jenkins
|
extra_columns
|
Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips th…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3101
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265634
|
8.1 |
HIGH
Network
|
tor_browser_launcher_project
|
tor_browser_launcher
|
Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Troja…
|
CWE-254
7PK - Security Features
|
CVE-2016-3180
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265635
|
5.3 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp
|
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-3124
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265636
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_system_manager
|
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified ve…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2016-3063
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265637
|
5.5 |
MEDIUM
Local
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specia…
|
CWE-284
Improper Access Control
|
CVE-2016-3020
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265638
|
5.5 |
MEDIUM
Local
|
uclouvain
|
openjpeg
|
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-3183
|
2024-11-21 11:49 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265639
|
5.4 |
MEDIUM
Network
|
ibm
|
biginsights
|
IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2992
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265640
|
7.5 |
HIGH
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.
|
CWE-284
Improper Access Control
|
CVE-2016-2942
|
2024-11-21 11:49 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
