|
267391
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
NVD-CWE-Other
|
CVE-2016-20003
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267392
|
9.8 |
CRITICAL
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-863
Incorrect Authorization
|
CVE-2016-20002
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267393
|
9.8 |
CRITICAL
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-863
Incorrect Authorization
|
CVE-2016-20001
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267394
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
NVD-CWE-Other
|
CVE-2016-20008
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267395
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-613
Insufficient Session Expiration
|
CVE-2016-20007
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267396
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
NVD-CWE-noinfo
|
CVE-2016-20006
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267397
|
7.5 |
HIGH
Network
|
arubanetworks
|
arubaos
aruba_instant
airwave
|
A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain…
|
CWE-287
Improper Authentication
|
CVE-2016-2032
|
2024-11-21 11:47 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267398
|
9.8 |
CRITICAL
Network
|
arubanetworks
siemens
|
arubaos
aruba_instant
airwave
scalance_w1750d_firmware
|
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a maliciou…
|
CWE-20
Improper Input Validation
|
CVE-2016-2031
|
2024-11-21 11:47 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267399
|
8.8 |
HIGH
Network
|
samba
|
samba
|
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses…
|
-
|
CVE-2016-2123
|
2024-11-21 11:47 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267400
|
6.5 |
MEDIUM
Network
|
powerdns
debian
|
authoritative
debian_linux
|
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone u…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2120
|
2024-11-21 11:47 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
