|
268421
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortimanager_firmware
fortianalyzer_firmware
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3196
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268422
|
6.1 |
MEDIUM
Network
|
redhat
|
satellite
|
Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data.
|
CWE-79
Cross-site Scripting
|
CVE-2016-3097
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268423
|
6.1 |
MEDIUM
Network
|
redhat
|
satellite
|
Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters,…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3080
|
2024-11-21 11:49 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268424
|
6.5 |
MEDIUM
Network
|
mit
|
kerberos_5
|
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-3120
|
2024-11-21 11:49 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268425
|
5.4 |
MEDIUM
Network
|
oracle
|
business_intelligence
|
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidenti…
|
NVD-CWE-noinfo
|
CVE-2016-3433
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268426
|
5.4 |
MEDIUM
Network
|
oracle
|
business_intelligence_publisher
|
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and …
|
NVD-CWE-noinfo
|
CVE-2016-3432
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268427
|
4.9 |
MEDIUM
Network
|
oracle
|
mysql
|
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.
|
NVD-CWE-noinfo
|
CVE-2016-3424
|
2024-11-21 11:49 |
2016-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268428
|
8.1 |
HIGH
Network
|
ibm
|
traveler
|
IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declara…
|
NVD-CWE-Other
|
CVE-2016-3039
|
2024-11-21 11:49 |
2016-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268429
|
8.4 |
HIGH
Local
|
opensuse
kde
|
leap
opensuse
kde_frameworks
|
kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly…
|
CWE-200
Information Exposure
|
CVE-2016-3100
|
2024-11-21 11:49 |
2016-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268430
|
4.4 |
MEDIUM
Local
|
microsoft
|
windows_server_2012
windows_10
windows_8.1
windows_rt_8.1
|
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative acc…
|
CWE-254
7PK - Security Features
|
CVE-2016-3287
|
2024-11-21 11:49 |
2016-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
