|
257491
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9259
|
2024-11-21 12:00 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257492
|
3.1 |
LOW
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2016-9009
|
2024-11-21 12:00 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257493
|
7.2 |
HIGH
Network
|
ibm
|
tivoli_storage_manager
|
IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8998
|
2024-11-21 12:00 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257494
|
8.1 |
HIGH
Network
|
ibm
|
rational_rhapsody_design_manager
|
IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil…
|
CWE-611
XXE
|
CVE-2016-8974
|
2024-11-21 12:00 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257495
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
|
CWE-284
Improper Access Control
|
CVE-2016-8986
|
2024-11-21 12:00 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257496
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
|
CWE-284
Improper Access Control
|
CVE-2016-8915
|
2024-11-21 12:00 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257497
|
9.8 |
CRITICAL
Network
|
aerospike
|
database_server
|
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a…
|
CWE-129
Improper Validation of Array Index
|
CVE-2016-9053
|
2024-11-21 12:00 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257498
|
9.8 |
CRITICAL
Network
|
aerospike
|
database_server
|
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-boun…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-9051
|
2024-11-21 12:00 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257499
|
7.5 |
HIGH
Network
|
aerospike
|
database_server
|
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a nu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-9049
|
2024-11-21 12:00 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257500
|
5.4 |
MEDIUM
Network
|
trendmicro
|
interscan_web_security_virtual_appliance
|
Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bu…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9316
|
2024-11-21 12:00 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
