|
269621
|
5.9 |
MEDIUM
Network
|
bluecoat
|
ssl_visibility_appliance_sv1800_firmware
ssl_visibility_appliance_sv800_firmware
ssl_visibility_appliance_sv3800_firmware
ssl_visibility_appliance_sv2800_firmware
|
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connec…
|
CWE-399
Resource Management Errors
|
CVE-2016-10259
|
2024-11-21 11:43 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269622
|
7.8 |
HIGH
Local
|
synology
|
photo_station
|
Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10323
|
2024-11-21 11:43 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269623
|
8.8 |
HIGH
Network
|
synology
|
photo_station
|
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php.
|
CWE-77
Command Injection
|
CVE-2016-10322
|
2024-11-21 11:43 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269624
|
9.8 |
CRITICAL
Network
|
sap
|
netweaver
|
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10311
|
2024-11-21 11:43 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269625
|
4.9 |
MEDIUM
Network
|
sap
|
sql_anywhere
|
Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10310
|
2024-11-21 11:43 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269626
|
9.8 |
CRITICAL
Network
|
web2py
|
web2py
|
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks.
|
CWE-254
7PK - Security Features
|
CVE-2016-10321
|
2024-11-21 11:43 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269627
|
6.5 |
MEDIUM
Network
|
sap
|
netweaver_application_server_java
|
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java ob…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-10304
|
2024-11-21 11:43 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269628
|
6.1 |
MEDIUM
Network
|
clip-bucket
|
clipbucket
|
Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools, occu…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1000307
|
2024-11-21 11:43 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269629
|
7.8 |
HIGH
Local
|
textract_project
|
textract
|
textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files.
|
CWE-78
OS Command
|
CVE-2016-10320
|
2024-11-21 11:43 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269630
|
5.9 |
MEDIUM
Network
|
arm_trusted_firmware_project
|
arm_trusted_firmware
|
In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involvin…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10319
|
2024-11-21 11:43 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
