|
257471
|
5.5 |
MEDIUM
Local
|
jasper_project
fedoraproject
|
jasper
fedora
|
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-8887
|
2024-11-21 12:00 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257472
|
7.8 |
HIGH
Local
|
jasper_project
|
jasper
|
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8886
|
2024-11-21 12:00 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257473
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a craf…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-8885
|
2024-11-21 12:00 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257474
|
6.1 |
MEDIUM
Network
|
novell
|
groupwise
|
A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise before 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote attacker to execute JavaScr…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9169
|
2024-11-21 12:00 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257475
|
6.5 |
MEDIUM
Network
|
novell
|
edirectory
|
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking.
|
CWE-20
Improper Input Validation
|
CVE-2016-9168
|
2024-11-21 12:00 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257476
|
7.5 |
HIGH
Network
|
novell
|
edirectory
|
NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9167
|
2024-11-21 12:00 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257477
|
7.5 |
HIGH
Network
|
ca
|
unified_infrastructure_management_snap
unified_infrastructure_management
|
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remot…
|
CWE-200
Information Exposure
|
CVE-2016-9165
|
2024-11-21 12:00 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257478
|
4.3 |
MEDIUM
Network
|
ibm
|
rational_rhapsody_design_manager
|
IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an authenticated user to upload infected malicious files to the server. IBM Reference #: 1999960.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-8973
|
2024-11-21 12:00 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257479
|
6.1 |
MEDIUM
Network
|
sitecore
|
experience_platform
|
Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or …
|
CWE-79
Cross-site Scripting
|
CVE-2016-8855
|
2024-11-21 12:00 |
2017-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257480
|
5.4 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9006
|
2024-11-21 12:00 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
