|
267141
|
2.5 |
LOW
Local
|
ibm
|
tivoli_storage_manager
|
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary ac…
|
CWE-200
Information Exposure
|
CVE-2016-2894
|
2024-11-21 11:49 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267142
|
6.5 |
MEDIUM
Network
|
ibm
|
security_qradar_incident_forensics
|
IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2968
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267143
|
5.3 |
MEDIUM
Network
|
ibm
|
integration_bus
websphere_message_broker
|
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version informat…
|
CWE-200
Information Exposure
|
CVE-2016-2961
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267144
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2883
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267145
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses.
|
CWE-200
Information Exposure
|
CVE-2016-2882
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267146
|
6.5 |
MEDIUM
Network
|
bzip
python
|
bzip2
python
|
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the…
|
NVD-CWE-Other
|
CVE-2016-3189
|
2024-11-21 11:49 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267147
|
8.8 |
HIGH
Network
|
ibm
|
websphere_portal
web_content_manager
|
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote attackers to hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2016-2901
|
2024-11-21 11:49 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267148
|
8.8 |
HIGH
Network
|
libav
ffmpeg
debian
opensuse
|
libav
ffmpeg
debian_linux
leap
|
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3062
|
2024-11-21 11:49 |
2016-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267149
|
7.3 |
HIGH
Local
|
microsoft
|
office_compatibility_pack
excel
|
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vul…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3233
|
2024-11-21 11:49 |
2016-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267150
|
5.0 |
MEDIUM
Local
|
microsoft
|
windows_server_2012
|
The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted appli…
|
CWE-200
Information Exposure
|
CVE-2016-3232
|
2024-11-21 11:49 |
2016-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
