|
265151
|
6.8 |
MEDIUM
Physics
|
cryptsetup_project
|
cryptsetup
|
The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
|
CWE-287
Improper Authentication
|
CVE-2016-4484
|
2024-11-21 11:52 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265152
|
6.1 |
MEDIUM
Network
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4552
|
2024-11-21 11:52 |
2016-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265153
|
5.5 |
MEDIUM
Local
|
redhat
|
enterprise_virtualization
|
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-4443
|
2024-11-21 11:52 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265154
|
4.4 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the u…
|
CWE-254
7PK - Security Features
|
CVE-2016-4412
|
2024-11-21 11:52 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265155
|
7.5 |
HIGH
Network
|
hp
|
system_management_homepage
|
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4396
|
2024-11-21 11:52 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265156
|
7.5 |
HIGH
Network
|
hp
|
system_management_homepage
|
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4395
|
2024-11-21 11:52 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265157
|
6.5 |
MEDIUM
Network
|
hp
|
system_management_homepage
|
HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.
|
CWE-254
7PK - Security Features
|
CVE-2016-4394
|
2024-11-21 11:52 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265158
|
5.4 |
MEDIUM
Network
|
hp
|
system_management_homepage
|
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4393
|
2024-11-21 11:52 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265159
|
6.5 |
MEDIUM
Network
|
sap
|
sapcryptolib
|
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka S…
|
CWE-284
Improper Access Control
|
CVE-2016-4407
|
2024-11-21 11:52 |
2016-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265160
|
7.5 |
HIGH
Network
|
sap
|
netweaver
sap_aba
sap_basis
|
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the …
|
CWE-284
Improper Access Control
|
CVE-2016-4551
|
2024-11-21 11:52 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
