|
267271
|
5.3 |
MEDIUM
Network
|
opensuse phpmyadmin fedoraproject
|
leap opensuse phpmyadmin fedora
|
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass int…
|
CWE-200
Information Exposure
|
CVE-2016-2039
|
2024-11-21 11:47 |
2016-02-20 |
|
267272
|
5.3 |
MEDIUM
Network
|
phpmyadmin fedoraproject opensuse
|
phpmyadmin fedora leap opensuse
|
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error…
|
CWE-200
Information Exposure
|
CVE-2016-2038
|
2024-11-21 11:47 |
2016-02-20 |
|
267273
|
7.5 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easie…
|
CWE-255 CWE-254
Credentials Management 7PK - Security Features
|
CVE-2016-1927
|
2024-11-21 11:47 |
2016-02-20 |
|
267274
|
5.9 |
MEDIUM
Network
|
hp
|
hp-ux_ipfilter
|
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets.
|
CWE-20
Improper Input Validation
|
CVE-2016-1987
|
2024-11-21 11:47 |
2016-02-19 |
|
267275
|
6.1 |
MEDIUM
Network
|
citrix
|
netscaler
|
The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.130…
|
CWE-254
7PK - Security Features
|
CVE-2016-2072
|
2024-11-21 11:47 |
2016-02-18 |
|
267276
|
9.8 |
CRITICAL
Network
|
citrix
|
netscaler
|
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2071
|
2024-11-21 11:47 |
2016-02-18 |
|
267277
|
6.1 |
MEDIUM
Network
|
sophos
|
unified_threat_management_software
|
Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2016-2046
|
2024-11-21 11:47 |
2016-02-18 |
|
267278
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site tha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1949
|
2024-11-21 11:47 |
2016-02-13 |
|
267279
|
6.5 |
MEDIUM
Network
|
xmlsoft debian canonical
|
libxml2 debian_linux ubuntu_linux
|
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2073
|
2024-11-21 11:47 |
2016-02-13 |
|
267280
|
9.8 |
CRITICAL
Network
|
hp
|
continuous_delivery_automation
|
HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
CWE-94
Code Injection
|
CVE-2016-1986
|
2024-11-21 11:47 |
2016-02-12 |