|
265121
|
6.5 |
MEDIUM
Network
|
netapp
|
oncommand_system_manager
|
NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5047
|
2024-11-21 11:53 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265122
|
9.8 |
CRITICAL
Network
|
readydesk
|
readydesk
|
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-5050
|
2024-11-21 11:53 |
2016-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265123
|
7.5 |
HIGH
Network
|
readydesk
|
readydesk
|
Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in …
|
CWE-22
Path Traversal
|
CVE-2016-5049
|
2024-11-21 11:53 |
2016-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265124
|
9.8 |
CRITICAL
Network
|
readydesk
|
readydesk
|
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field.
|
CWE-89
SQL Injection
|
CVE-2016-5048
|
2024-11-21 11:53 |
2016-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265125
|
7.5 |
HIGH
Network
|
f5
|
big-ip_edge_gateway
big-ip_protocol_security_module
big-ip_analytics
big-ip_application_security_manager
big-ip_advanced_firewall_manager
big-ip_domain_name_system
big-ip_policy_enf…
|
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote att…
|
CWE-284
Improper Access Control
|
CVE-2016-5023
|
2024-11-21 11:53 |
2016-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265126
|
9.8 |
CRITICAL
Network
|
zmodo
|
zp-ibh-13w
zp-ne-14-s
|
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-5081
|
2024-11-21 11:53 |
2016-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265127
|
5.3 |
MEDIUM
Network
|
theforeman
|
foreman
|
Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtai…
|
CWE-200
Information Exposure
|
CVE-2016-4995
|
2024-11-21 11:53 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265128
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5146
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265129
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, …
|
CWE-254
7PK - Security Features
|
CVE-2016-5145
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265130
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which…
|
CWE-284
Improper Access Control
|
CVE-2016-5144
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
