|
265431
|
5.5 |
MEDIUM
Local
|
qemu debian
|
qemu debian_linux
|
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2198
|
2024-11-21 11:48 |
2016-12-30 |
|
265432
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List B…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2197
|
2024-11-21 11:48 |
2016-12-30 |
|
265433
|
7.8 |
HIGH
Local
|
hp
|
thinpro
|
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2246
|
2024-11-21 11:48 |
2016-12-29 |
|
265434
|
6.8 |
MEDIUM
Physical
|
kde fedoraproject opensuse
|
kscreenlocker plasma-workspace fedora leap
|
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
|
CWE-254
7PK - Security Features
|
CVE-2016-2312
|
2024-11-21 11:48 |
2016-12-24 |
|
265435
|
7.5 |
HIGH
Network
|
bmc
|
remedy_action_request_system
|
Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2016-2349
|
2024-11-21 11:48 |
2016-12-22 |
|
265436
|
9.8 |
CRITICAL
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1.
|
CWE-89
SQL Injection
|
CVE-2016-2355
|
2024-11-21 11:48 |
2016-12-20 |
|
265437
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2840
|
2024-11-21 11:48 |
2016-12-15 |
|
265438
|
7.8 |
HIGH
Local
|
7-zip fedoraproject oracle
|
7-zip fedora solaris
|
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2334
|
2024-11-21 11:48 |
2016-12-14 |
|
265439
|
8.0 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for r…
|
CWE-352
Origin Validation Error
|
CVE-2016-2878
|
2024-11-21 11:48 |
2016-12-1 |
|
265440
|
3.3 |
LOW
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.
|
CWE-275
Permission Issues
|
CVE-2016-2877
|
2024-11-21 11:48 |
2016-12-1 |
|