|
265061
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4704
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265062
|
3.3 |
LOW
Local
|
apple
|
iphone_os
|
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via…
|
CWE-200
Information Exposure
|
CVE-2016-4620
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265063
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiswitch
|
Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4573
|
2024-11-21 11:52 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265064
|
8.8 |
HIGH
Network
|
theforeman
|
foreman
|
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) rea…
|
CWE-254
7PK - Security Features
|
CVE-2016-4475
|
2024-11-21 11:52 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265065
|
5.0 |
MEDIUM
Network
|
theforeman
|
foreman
|
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restricti…
|
CWE-254
7PK - Security Features
|
CVE-2016-4451
|
2024-11-21 11:52 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265066
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
|
IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
CWE-264
CWE-119
Permissions, Privileges, and Access Controls
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4654
|
2024-11-21 11:52 |
2016-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265067
|
8.8 |
HIGH
Network
|
apache
|
archiva
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repo…
|
CWE-352
Origin Validation Error
|
CVE-2016-4469
|
2024-11-21 11:52 |
2016-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265068
|
7.3 |
HIGH
Network
|
rockwellautomation
|
factorytalk_energrymetrix
|
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattend…
|
CWE-285
Improper Authorization
|
CVE-2016-4531
|
2024-11-21 11:52 |
2016-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265069
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
factorytalk_energrymetrix
|
SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2016-4522
|
2024-11-21 11:52 |
2016-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265070
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4653
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
