|
266171
|
6.8 |
MEDIUM
Physics
|
ibm
|
rational_collaborative_lifecycle_management
|
An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.
|
CWE-200
Information Exposure
|
CVE-2016-2981
|
2024-11-21 11:49 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266172
|
7.5 |
HIGH
Network
|
blackberry
|
good_control_server
|
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys …
|
CWE-200
Information Exposure
|
CVE-2016-3127
|
2024-11-21 11:49 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266173
|
5.9 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
|
CWE-200
Information Exposure
|
CVE-2016-3052
|
2024-11-21 11:49 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266174
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
|
CWE-19
Data Processing Errors
|
CVE-2016-3013
|
2024-11-21 11:49 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266175
|
7.3 |
HIGH
Network
|
jenkins
|
script_security
|
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set arra…
|
CWE-254
7PK - Security Features
|
CVE-2016-3102
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266176
|
5.4 |
MEDIUM
Network
|
jenkins
|
extra_columns
|
Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips th…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3101
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266177
|
8.1 |
HIGH
Network
|
tor_browser_launcher_project
|
tor_browser_launcher
|
Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Troja…
|
CWE-254
7PK - Security Features
|
CVE-2016-3180
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266178
|
5.3 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp
|
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-3124
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266179
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_system_manager
|
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified ve…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2016-3063
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266180
|
5.5 |
MEDIUM
Local
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specia…
|
CWE-284
Improper Access Control
|
CVE-2016-3020
|
2024-11-21 11:49 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
