|
265691
|
7.5 |
HIGH
Network
|
cisco
|
firesight_system_software
|
Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these app…
|
CWE-399
Resource Management Errors
|
CVE-2016-1368
|
2024-11-21 11:46 |
2016-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265692
|
7.8 |
HIGH
Local
|
canonical
linux
|
ubuntu_touch
ubuntu_linux
ubuntu_core
linux_kernel
|
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top o…
|
NVD-CWE-noinfo
|
CVE-2016-1576
|
2024-11-21 11:46 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265693
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_touch
ubuntu_linux
ubuntu_core
|
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid direc…
|
CWE-269
Improper Privilege Management
|
CVE-2016-1575
|
2024-11-21 11:46 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265694
|
10.0 |
CRITICAL
Network
|
cisco
|
information_server
|
The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in co…
|
NVD-CWE-Other
|
CVE-2016-1343
|
2024-11-21 11:46 |
2016-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265695
|
7.4 |
HIGH
Network
|
cisco
|
webex_meetings_server
|
Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID…
|
NVD-CWE-Other
|
CVE-2016-1389
|
2024-11-21 11:46 |
2016-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265696
|
7.5 |
HIGH
Network
|
cisco
|
application_policy_infrastructure_controller_enterprise_module
|
The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka B…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1386
|
2024-11-21 11:46 |
2016-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265697
|
9.8 |
CRITICAL
Network
|
suse
|
yast2
|
yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-s…
|
CWE-255
Credentials Management
|
CVE-2016-1601
|
2024-11-21 11:46 |
2016-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265698
|
5.4 |
MEDIUM
Network
|
novell
|
service_desk
|
Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, …
|
CWE-79
Cross-site Scripting
|
CVE-2016-1596
|
2024-11-21 11:46 |
2016-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265699
|
6.5 |
MEDIUM
Network
|
novell
|
service_desk
|
LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection att…
|
CWE-200
Information Exposure
|
CVE-2016-1595
|
2024-11-21 11:46 |
2016-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265700
|
6.5 |
MEDIUM
Network
|
novell
|
service_desk
|
Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via …
|
CWE-200
Information Exposure
|
CVE-2016-1594
|
2024-11-21 11:46 |
2016-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
