|
269811
|
6.1 |
MEDIUM
Network
|
jenkins
redhat
|
jenkins
openshift
|
CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitti…
|
CWE-20
Improper Input Validation
|
CVE-2016-0789
|
2024-11-21 11:42 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269812
|
9.8 |
CRITICAL
Network
|
jenkins
redhat
|
jenkins
openshift
|
The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0788
|
2024-11-21 11:42 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269813
|
9.8 |
CRITICAL
Network
|
samsung
fedoraproject
|
x14j_firmware
fedora
|
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denia…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-0729
|
2024-11-21 11:42 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269814
|
6.1 |
MEDIUM
Network
|
apache
|
activemq
|
The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via …
|
CWE-254
7PK - Security Features
|
CVE-2016-0734
|
2024-11-21 11:42 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269815
|
8.8 |
HIGH
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 before 4.6 lacks intended ACLs for configuration objects, which allows remote authenticated users to modify objects via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-0888
|
2024-11-21 11:42 |
2016-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269816
|
7.5 |
HIGH
Network
|
eaton_lighting_systems
|
eg2_web_control
|
Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request.
|
CWE-200
Information Exposure
|
CVE-2016-0871
|
2024-11-21 11:42 |
2016-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269817
|
7.5 |
HIGH
Network
|
redhat
|
jboss_wildfly_application_server
|
Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensit…
|
CWE-200
Information Exposure
|
CVE-2016-0793
|
2024-11-21 11:42 |
2016-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269818
|
8.1 |
HIGH
Network
|
redhat
oracle
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
icedtea7
jdk
jre
|
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-componen…
|
NVD-CWE-noinfo
|
CVE-2016-0636
|
2024-11-21 11:42 |
2016-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269819
|
5.9 |
MEDIUM
Network
|
samba
|
samba
|
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-0771
|
2024-11-21 11:42 |
2016-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269820
|
6.1 |
MEDIUM
Physics
|
google
|
android
|
Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified…
|
CWE-264
CWE-254
Permissions, Privileges, and Access Controls
7PK - Security Features
|
CVE-2016-0832
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
