|
268251
|
5.3 |
MEDIUM
Network
|
python
fedoraproject
opensuse
|
rsa
fedora
leap
opensuse
|
The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
|
CWE-20
Improper Input Validation
|
CVE-2016-1494
|
2024-11-21 11:46 |
2016-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268252
|
6.6 |
MEDIUM
Local
|
microsoft
mcafee
|
windows
application_control
|
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Win…
|
CWE-189
Numeric Errors
|
CVE-2016-1715
|
2024-11-21 11:46 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268253
|
7.5 |
HIGH
Network
|
prosody
fedoraproject
debian
|
prosody
fedora
debian_linux
|
The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoo…
|
NVD-CWE-Other
|
CVE-2016-1232
|
2024-11-21 11:46 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268254
|
5.9 |
MEDIUM
Network
|
fedoraproject
prosody
debian
|
fedora
prosody
debian_linux
|
Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified p…
|
CWE-22
Path Traversal
|
CVE-2016-1231
|
2024-11-21 11:46 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268255
|
6.1 |
MEDIUM
Network
|
field_group_project
|
field_group
|
Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with permission to configure field display settings to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1565
|
2024-11-21 11:46 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268256
|
4.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exce…
|
CWE-200
Information Exposure
|
CVE-2016-1501
|
2024-11-21 11:46 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268257
|
3.1 |
LOW
Network
|
owncloud
|
owncloud
|
ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, …
|
CWE-200
Information Exposure
|
CVE-2016-1500
|
2024-11-21 11:46 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268258
|
8.5 |
HIGH
Network
|
owncloud
|
owncloud
|
ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of serv…
|
CWE-200
CWE-399
Information Exposure
Resource Management Errors
|
CVE-2016-1499
|
2024-11-21 11:46 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268259
|
6.1 |
MEDIUM
Network
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attack…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1498
|
2024-11-21 11:46 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268260
|
9.8 |
CRITICAL
Network
|
pcre
php
fedoraproject
oracle
|
pcre
php
fedora
solaris
|
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1283
|
2024-11-21 11:46 |
2016-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
