|
256811
|
8.8 |
HIGH
Network
|
qemu
debian
|
qemu
debian_linux
|
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder …
|
CWE-59
Link Following
|
CVE-2016-9602
|
2024-11-21 12:01 |
2018-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256812
|
6.5 |
MEDIUM
Network
|
openstack
redhat
|
puppet-swift
openstack
|
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet s…
|
CWE-200
Information Exposure
|
CVE-2016-9590
|
2024-11-21 12:01 |
2018-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256813
|
8.1 |
HIGH
Network
|
redhat
ansible
|
ansible
openstack
|
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed …
|
CWE-20
Improper Input Validation
|
CVE-2016-9587
|
2024-11-21 12:01 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256814
|
5.5 |
MEDIUM
Local
|
artifex
debian
|
gpl_ghostscript
debian_linux
jbig2dec
|
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a J…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9601
|
2024-11-21 12:01 |
2018-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256815
|
7.5 |
HIGH
Network
|
openstack
redhat
|
puppet-tripleo
openstack
|
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is ena…
|
CWE-284
Improper Access Control
|
CVE-2016-9599
|
2024-11-21 12:01 |
2018-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256816
|
8.1 |
HIGH
Network
|
haxx
|
curl
|
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes …
|
CWE-665
Improper Initialization
|
CVE-2016-9594
|
2024-11-21 12:01 |
2018-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256817
|
8.1 |
HIGH
Network
|
haxx
|
curl
|
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts…
|
-
|
CVE-2016-9586
|
2024-11-21 12:01 |
2018-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256818
|
8.8 |
HIGH
Network
|
theforeman
redhat
|
foreman
satellite
|
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those …
|
CWE-255
Credentials Management
|
CVE-2016-9593
|
2024-11-21 12:01 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256819
|
4.3 |
MEDIUM
Network
|
redhat
|
openshift
|
openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete operation…
|
CWE-399
Resource Management Errors
|
CVE-2016-9592
|
2024-11-21 12:01 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256820
|
5.3 |
MEDIUM
Network
|
ikiwiki
debian
|
ikiwiki
debian_linux
|
ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata fo…
|
CWE-287
Improper Authentication
|
CVE-2016-9646
|
2024-11-21 12:01 |
2018-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
