|
267851
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6787
|
2024-11-21 11:56 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267852
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6786
|
2024-11-21 11:56 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267853
|
7.8 |
HIGH
Local
|
ffmpeg
|
ffmpeg
|
The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6671
|
2024-11-21 11:56 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267854
|
8.1 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry
cloud_foundry_uaa
cloud_foundry_uaa_bosh
|
Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3…
|
CWE-287
Improper Authentication
|
CVE-2016-6659
|
2024-11-21 11:56 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267855
|
7.4 |
HIGH
Network
|
pivotal_software
|
cloud_foundry_ops_manager
cloud_foundry_elastic_runtime
|
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components. Users of affected versions should apply the following mitigation: Upgrade PCF Elastic Runt…
|
CWE-601
Open Redirect
|
CVE-2016-6657
|
2024-11-21 11:56 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267856
|
7.2 |
HIGH
Network
|
pivotal_software
|
greenplum
|
An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using GPHDFS protocol has a vulnerability whereby arbitrary commands can be injected into the system. In orde…
|
CWE-77
Command Injection
|
CVE-2016-6656
|
2024-11-21 11:56 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267857
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script cod…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6854
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267858
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file ex…
|
CWE-200
Information Exposure
|
CVE-2016-6852
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267859
|
5.5 |
MEDIUM
Local
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious…
|
CWE-254
7PK - Security Features
|
CVE-2016-6848
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267860
|
6.1 |
MEDIUM
Network
|
open-xchange
|
ox_guard
|
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on …
|
CWE-79
Cross-site Scripting
|
CVE-2016-6853
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
