|
264931
|
4.3 |
MEDIUM
Network
|
oracle
|
flexcube_universal_banking
|
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confident…
|
CWE-200
Information Exposure
|
CVE-2016-5479
|
2024-11-21 11:54 |
2016-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264932
|
7.8 |
HIGH
Local
|
apache
|
tomcat
|
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows l…
|
CWE-276
Incorrect Default Permissions
|
CVE-2016-5425
|
2024-11-21 11:54 |
2016-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264933
|
6.1 |
MEDIUM
Network
|
nodejs
suse
|
node.js
linux_enterprise
|
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject…
|
CWE-113
HTTP Response Splitting
|
CVE-2016-5325
|
2024-11-21 11:54 |
2016-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264934
|
5.9 |
MEDIUM
Network
|
google
|
android
|
The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service…
|
CWE-399
Resource Management Errors
|
CVE-2016-5348
|
2024-11-21 11:54 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264935
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other product…
|
CWE-120
Classic Buffer Overflow
|
CVE-2016-5343
|
2024-11-21 11:54 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264936
|
9.8 |
CRITICAL
Network
|
f5
|
big-ip_local_traffic_manager
|
F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF…
|
CWE-284
Improper Access Control
|
CVE-2016-5745
|
2024-11-21 11:54 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264937
|
9.8 |
CRITICAL
Network
|
animas
|
onetouch_ping_firmware
|
Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol.
|
CWE-287
Improper Authentication
|
CVE-2016-5686
|
2024-11-21 11:54 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264938
|
3.3 |
LOW
Local
|
redhat
|
enterprise_virtualization
|
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-5432
|
2024-11-21 11:54 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264939
|
5.4 |
MEDIUM
Network
|
redhat
|
jboss_bpm_suite
|
Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permis…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5398
|
2024-11-21 11:54 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264940
|
9.8 |
CRITICAL
Network
|
f5
|
big-ip_policy_enforcement_manager
big-ip_local_traffic_manager
big-ip_websafe
big-ip_link_controller
big-ip_application_acceleration_manager
big-ip_access_policy_manager
big-ip_adva…
|
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured wit…
|
CWE-284
Improper Access Control
|
CVE-2016-5700
|
2024-11-21 11:54 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
