|
269631
|
3.3 |
LOW
Local
|
microsoft
|
office
|
The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."
|
CWE-254
7PK - Security Features
|
CVE-2016-0137
|
2024-11-21 11:41 |
2016-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269632
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_team_concert
rational_collaborative_lifecycle_management
|
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remo…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0331
|
2024-11-21 11:41 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269633
|
3.1 |
LOW
Network
|
ibm
|
websphere_application_server
|
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is en…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2016-0385
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269634
|
2.7 |
LOW
Network
|
ibm
|
forms_experience_builder
|
Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an …
|
CWE-79
Cross-site Scripting
|
CVE-2016-0370
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269635
|
6.1 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0293
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269636
|
5.9 |
MEDIUM
Network
|
ibm
|
bigfix_webreports
|
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
|
CWE-200
Information Exposure
|
CVE-2016-0397
|
2024-11-21 11:41 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269637
|
5.5 |
MEDIUM
Local
|
ibm
|
bigfix
|
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report.
|
CWE-200
Information Exposure
|
CVE-2016-0292
|
2024-11-21 11:41 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269638
|
3.3 |
LOW
Local
|
ibm
|
sterling_connect\
|
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0380
|
2024-11-21 11:41 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269639
|
6.5 |
MEDIUM
Network
|
ibm
|
general_parallel_file_system
|
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticate…
|
NVD-CWE-noinfo
|
CVE-2016-0361
|
2024-11-21 11:41 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269640
|
3.7 |
LOW
Network
|
ibm
|
aix
vios
|
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter cras…
|
CWE-20
Improper Input Validation
|
CVE-2016-0281
|
2024-11-21 11:41 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
