|
265071
|
4.8 |
MEDIUM
Network
|
splunk
|
splunk
|
Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4856
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265072
|
6.1 |
MEDIUM
Network
|
adodb_project
|
adodb
|
Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4855
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265073
|
5.5 |
MEDIUM
Local
|
moneyforward
|
money_forward_for_apppass
money_forward_for_au_smartpass
money_forward_for_chou_houdai
money_forward_for_sbi_sumishin_net_bank
money_forward_for_shiga_bank
money_forward_for_shizuoka_b…
|
The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0…
|
CWE-200
Information Exposure
|
CVE-2016-4839
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265074
|
7.8 |
HIGH
Local
|
moneyforward
|
money_forward_for_apppass
money_forward_for_au_smartpass
money_forward_for_chou_houdai
money_forward_for_sbi_sumishin_net_bank
money_forward_for_shiga_bank
money_forward_for_shizuoka_b…
|
The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0…
|
CWE-20
Improper Input Validation
|
CVE-2016-4838
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265075
|
5.3 |
MEDIUM
Network
|
bmc
|
server_automation
|
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vecto…
|
CWE-285
Improper Authorization
|
CVE-2016-5063
|
2024-11-21 11:53 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265076
|
9.8 |
CRITICAL
Network
|
pivotal_software
|
cloud_foundry_elastic_runtime
cloud_foundry
|
The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-5006
|
2024-11-21 11:53 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265077
|
5.9 |
MEDIUM
Network
|
pivotal_software
|
cloud_foundry_uaa
cloud_foundry
cloud_foundry_elastic_runtime
cloud_foundry_uaa-release
|
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-5016
|
2024-11-21 11:53 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265078
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.
|
CWE-346
Origin Validation Error
|
CVE-2016-5168
|
2024-11-21 11:53 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265079
|
7.8 |
HIGH
Local
|
securebrain
|
phishwall_client
|
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.
|
CWE-426
Untrusted Search Path
|
CVE-2016-4846
|
2024-11-21 11:53 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265080
|
4.3 |
MEDIUM
Network
|
cybozu
|
mailwise
|
Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
|
CWE-20
Improper Input Validation
|
CVE-2016-4841
|
2024-11-21 11:53 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
