|
267021
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-613
Insufficient Session Expiration
|
CVE-2016-20007
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267022
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
NVD-CWE-noinfo
|
CVE-2016-20006
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267023
|
7.5 |
HIGH
Network
|
arubanetworks
|
arubaos
aruba_instant
airwave
|
A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain…
|
CWE-287
Improper Authentication
|
CVE-2016-2032
|
2024-11-21 11:47 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267024
|
9.8 |
CRITICAL
Network
|
arubanetworks
siemens
|
arubaos
aruba_instant
airwave
scalance_w1750d_firmware
|
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a maliciou…
|
CWE-20
Improper Input Validation
|
CVE-2016-2031
|
2024-11-21 11:47 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267025
|
8.8 |
HIGH
Network
|
samba
|
samba
|
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses…
|
-
|
CVE-2016-2123
|
2024-11-21 11:47 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267026
|
6.5 |
MEDIUM
Network
|
powerdns
debian
|
authoritative
debian_linux
|
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone u…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2120
|
2024-11-21 11:47 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267027
|
6.5 |
MEDIUM
Adjacent
|
samba
redhat
|
samba
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_server_eus
gluster_st…
|
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subse…
|
CWE-20
Improper Input Validation
|
CVE-2016-2125
|
2024-11-21 11:47 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267028
|
5.5 |
MEDIUM
Local
|
redhat
|
openstack
|
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use…
|
-
|
CVE-2016-2121
|
2024-11-21 11:47 |
2018-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267029
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-release
|
Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a ro…
|
CWE-17
Code
|
CVE-2016-2169
|
2024-11-21 11:47 |
2018-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267030
|
6.5 |
MEDIUM
Network
|
netapp
|
data_ontap
|
NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2016-1895
|
2024-11-21 11:47 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
