| ID | CVSS | Severity | Vector | Vendor | Product | Description | CWE | CVE | Updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 264561 | 9.4 | CRITICAL | Network | otrs | faq | Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL… | CWE-89 SQL Injection | CVE-2016-5843 | 2024-11-21 11:55 | 2016-09-17 |
| 264562 | 9.8 | CRITICAL | Network | nodejs, openssl | node.js, openssl | Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or poss… | CWE-787 Out-of-bounds Write | CVE-2016-6303 | 2024-11-21 11:55 | 2016-09-16 |
| 264563 | 7.5 | HIGH | Network | openssl, oracle | openssl, solaris, linux | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of serv… | CWE-20 Improper Input Validation | CVE-2016-6302 | 2024-11-21 11:55 | 2016-09-16 |
| 264564 | 4.3 | MEDIUM | Network | cisco | hosted_collaboration_mediation_fulfillment | Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a … | CWE-22 Path Traversal | CVE-2016-6370 | 2024-11-21 11:55 | 2016-09-12 |
| 264565 | 6.5 | MEDIUM | Network | ibm | websphere_portal | IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a… | CWE-284 Improper Access Control | CVE-2016-5954 | 2024-11-21 11:55 | 2016-09-12 |
| 264566 | 5.5 | MEDIUM | Local | ibm | tivoli_storage_manager_for_space_management | IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is config… | CWE-200 Information Exposure | CVE-2016-5927 | 2024-11-21 11:55 | 2016-09-12 |
| 264567 | 5.3 | MEDIUM | Network | drupal | drupal | The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensiti… | CWE-200 Information Exposure | CVE-2016-6212 | 2024-11-21 11:55 | 2016-09-9 |
| 264568 | 8.8 | HIGH | Network | drupal, debian | drupal, debian_linux | The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form. | CWE-264 Permissions, Privileges, and Access Controls | CVE-2016-6211 | 2024-11-21 11:55 | 2016-09-9 |
| 264569 | 7.5 | HIGH | Network | gnu | libidn | The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data. | CWE-125 Out-of-bounds Read | CVE-2016-6263 | 2024-11-21 11:55 | 2016-09-8 |
| 264570 | 7.5 | HIGH | Network | gnu, canonical, opensuse | libidn, ubuntu_linux, leap, opensuse | idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE… | CWE-125 Out-of-bounds Read | CVE-2016-6262 | 2024-11-21 11:55 | 2016-09-8 |