|
266941
|
5.5 |
MEDIUM
Local
|
redhat
|
openstack
|
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use…
|
-
|
CVE-2016-2121
|
2024-11-21 11:47 |
2018-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266942
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-release
|
Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a ro…
|
CWE-17
Code
|
CVE-2016-2169
|
2024-11-21 11:47 |
2018-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266943
|
6.5 |
MEDIUM
Network
|
netapp
|
data_ontap
|
NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2016-1895
|
2024-11-21 11:47 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266944
|
5.3 |
MEDIUM
Network
|
haproxy
|
haproxy
|
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.
|
CWE-287
Improper Authentication
|
CVE-2016-2102
|
2024-11-21 11:47 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266945
|
7.5 |
HIGH
Network
|
apache
|
http_server
|
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
|
CWE-20
Improper Input Validation
|
CVE-2016-2161
|
2024-11-21 11:47 |
2017-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266946
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
clearpass
|
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.
|
CWE-89
SQL Injection
|
CVE-2016-2034
|
2024-11-21 11:47 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266947
|
6.5 |
MEDIUM
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cf-release
|
The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when…
|
CWE-20
Improper Input Validation
|
CVE-2016-2165
|
2024-11-21 11:47 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266948
|
7.8 |
HIGH
Local
|
lenovo
|
solution_center
|
The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1876
|
2024-11-21 11:47 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266949
|
6.5 |
MEDIUM
Network
|
samba
|
samba
|
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2126
|
2024-11-21 11:47 |
2017-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266950
|
9.8 |
CRITICAL
Network
|
fedoraproject
vmware
|
fedora
spring_advanced_message_queuing_protocol
|
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
|
CWE-20
Improper Input Validation
|
CVE-2016-2173
|
2024-11-21 11:47 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
