|
265161
|
7.8 |
HIGH
Local
|
hancom
|
hancom_office_2014
|
When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overfl…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4291
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265162
|
8.4 |
HIGH
Local
|
bluestacks
|
bluestacks
|
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary pro…
|
CWE-275
Permission Issues
|
CVE-2016-4288
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265163
|
7.8 |
HIGH
Local
|
hancom
|
hancom_office_2014
|
When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a block of data within the file. When calculating thi…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4290
|
2024-11-21 11:51 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265164
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can …
|
NVD-CWE-Other
|
CVE-2016-4048
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265165
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those re…
|
CWE-200
CWE-611
Information Exposure
XXE
|
CVE-2016-4047
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265166
|
5.8 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of th…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-4046
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265167
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Script code can be embedded to RSS feeds using a URL notation. In case a user clicks the corresponding link at the RSS reader …
|
CWE-79
Cross-site Scripting
|
CVE-2016-4045
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265168
|
7.5 |
HIGH
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle…
|
CWE-255
Credentials Management
|
CVE-2016-4028
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265169
|
3.5 |
LOW
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev10. App Suite frontend offers to control whether a user wants to store cookies that exceed the session duration. This functionalit…
|
CWE-200
Information Exposure
|
CVE-2016-4027
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265170
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The content sanitizer component has an issue with filtering malicious content in case invalid HTML code is provided. In such c…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4026
|
2024-11-21 11:51 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
