|
266601
|
9.8 |
CRITICAL
Network
|
barco
|
clickshare_csc-1_firmware
clickshare_csm-1_firmware
|
Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-3149
|
2024-11-21 11:49 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266602
|
6.6 |
MEDIUM
Network
|
blackberry
|
good_enterprise_mobility_server
|
A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote at…
|
NVD-CWE-noinfo
|
CVE-2016-3129
|
2024-11-21 11:49 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266603
|
7.4 |
HIGH
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be pro…
|
CWE-601
Open Redirect
|
CVE-2016-3174
|
2024-11-21 11:49 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266604
|
5.4 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The aria-label parameter of tiles at the Portal can be used to inject script code. Those labels use the name of the file (e.g. …
|
CWE-79
Cross-site Scripting
|
CVE-2016-3173
|
2024-11-21 11:49 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266605
|
8.1 |
HIGH
Network
|
ibm
|
filenet_workplace
|
IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an externa…
|
CWE-611
XXE
|
CVE-2016-3055
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266606
|
6.8 |
MEDIUM
Network
|
ibm
|
filenet_workplace
|
Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0.2.14 IF001 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecifi…
|
CWE-601
Open Redirect
|
CVE-2016-3047
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266607
|
6.5 |
MEDIUM
Local
|
ibm
|
powerkvm
|
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2016-3044
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266608
|
8.1 |
HIGH
Network
|
ibm
|
appscan_source
|
IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity de…
|
CWE-611
XXE
|
CVE-2016-3033
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266609
|
7.5 |
HIGH
Network
|
ibm
|
network_path_manager
api_connect
|
IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended acces…
|
CWE-200
Information Exposure
|
CVE-2016-3012
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266610
|
5.4 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x before 6.2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-2994
|
2024-11-21 11:49 |
2016-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
