|
267201
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1732
|
2024-11-21 11:46 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267202
|
6.1 |
MEDIUM
Network
|
microfocus
|
self_service_password_reset
|
Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1599
|
2024-11-21 11:46 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267203
|
5.9 |
MEDIUM
Network
|
apple
|
software_update
|
Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream.
|
CWE-310
CWE-345
Cryptographic Issues
Insufficient Verification of Data Authenticity
|
CVE-2016-1731
|
2024-11-21 11:46 |
2016-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267204
|
8.8 |
HIGH
Network
|
google
debian
opensuse
|
chrome
debian_linux
leap
opensuse
suse_linux_enterprise_server
|
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1645
|
2024-11-21 11:46 |
2016-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267205
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of s…
|
NVD-CWE-Other
|
CVE-2016-1644
|
2024-11-21 11:46 |
2016-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267206
|
8.8 |
HIGH
Network
|
google
|
chrome
|
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent…
|
CWE-361
7PK - Time and State
|
CVE-2016-1643
|
2024-11-21 11:46 |
2016-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267207
|
9.8 |
CRITICAL
Network
|
google
|
android
|
libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1621
|
2024-11-21 11:46 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267208
|
4.3 |
MEDIUM
Network
|
dte_energy
|
insight
|
The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter.
|
CWE-200
Information Exposure
|
CVE-2016-1562
|
2024-11-21 11:46 |
2016-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267209
|
5.3 |
MEDIUM
Adjacent
|
cisco
|
ios_xr
|
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to…
|
CWE-399
Resource Management Errors
|
CVE-2016-1361
|
2024-11-21 11:46 |
2016-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267210
|
7.1 |
HIGH
Local
|
cisco
|
prime_lan_management_solution
|
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveragin…
|
CWE-200
Information Exposure
|
CVE-2016-1360
|
2024-11-21 11:46 |
2016-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
