|
264771
|
3.1 |
LOW
Network
|
oracle
|
flexcube_investor_servicing
|
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0…
|
NVD-CWE-noinfo
|
CVE-2016-5509
|
2024-11-21 11:54 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264772
|
6.1 |
MEDIUM
Network
|
openstack
|
puppet-gerrit
|
The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scriptin…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5737
|
2024-11-21 11:54 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264773
|
6.1 |
MEDIUM
Network
|
puppet
|
puppet_enterprise
|
Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a /…
|
CWE-601
Open Redirect
|
CVE-2016-5715
|
2024-11-21 11:54 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264774
|
7.8 |
HIGH
Local
|
freeimage_project
|
freeimage
|
An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resultin…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-5684
|
2024-11-21 11:54 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264775
|
7.0 |
HIGH
Local
|
libtiff
|
libtiff
|
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code e…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5652
|
2024-11-21 11:54 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264776
|
7.8 |
HIGH
Local
|
lexmark
|
perceptive_document_filters
|
An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5646
|
2024-11-21 11:54 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264777
|
5.3 |
MEDIUM
Network
|
vmware
|
identity_manager
vrealize_automation
|
VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2016-5334
|
2024-11-21 11:54 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264778
|
5.5 |
MEDIUM
Local
|
vmware
|
fusion
|
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecif…
|
CWE-200
Information Exposure
|
CVE-2016-5329
|
2024-11-21 11:54 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264779
|
5.5 |
MEDIUM
Local
|
vmware
|
tools
|
VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism v…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-5328
|
2024-11-21 11:54 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264780
|
6.1 |
MEDIUM
Network
|
horde
|
groupware
|
Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5303
|
2024-11-21 11:54 |
2016-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
