|
265711
|
9.8 |
CRITICAL
Network
|
apache
|
ws-xmlrpc
|
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-5003
|
2024-11-21 11:53 |
2017-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265712
|
7.8 |
HIGH
Local
|
apache
|
xml-rpc
|
XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks v…
|
CWE-611
XXE
|
CVE-2016-5002
|
2024-11-21 11:53 |
2017-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265713
|
7.5 |
HIGH
Network
|
juniper
|
junose
|
Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover …
|
CWE-19
Data Processing Errors
|
CVE-2016-4925
|
2024-11-21 11:53 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265714
|
5.5 |
MEDIUM
Local
|
juniper
|
junos
|
An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information conta…
|
CWE-275
Permission Issues
|
CVE-2016-4924
|
2024-11-21 11:53 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265715
|
6.1 |
MEDIUM
Network
|
juniper
|
junos
|
Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data …
|
CWE-79
Cross-site Scripting
|
CVE-2016-4923
|
2024-11-21 11:53 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265716
|
7.8 |
HIGH
Local
|
juniper
|
junos
|
Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. This may allow any user with permiss…
|
CWE-77
Command Injection
|
CVE-2016-4922
|
2024-11-21 11:53 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265717
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitim…
|
CWE-399
Resource Management Errors
|
CVE-2016-4921
|
2024-11-21 11:53 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265718
|
5.5 |
MEDIUM
Local
|
apache
|
hadoop
|
This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft …
|
CWE-200
Information Exposure
|
CVE-2016-5001
|
2024-11-21 11:53 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265719
|
9.1 |
CRITICAL
Network
|
apache
netapp
canonical
debian
redhat
oracle
|
tomcat
snap_creator_framework
oncommand_insight
oncommand_shift
ubuntu_linux
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
jboss_enterprise_application_pl…
|
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomca…
|
NVD-CWE-noinfo
|
CVE-2016-5018
|
2024-11-21 11:53 |
2017-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265720
|
7.0 |
HIGH
Local
|
redhat
|
satellite
|
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local u…
|
CWE-255
Credentials Management
|
CVE-2016-4996
|
2024-11-21 11:53 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
