|
267311
|
5.4 |
MEDIUM
Network
|
ibm
|
filenet_workplace
filenet_workplace_xt
|
Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace XT through 1.1.5.2-WPXT-LA011 and FileNet Workplace (Application Engine) through 4.0.2.14-P8AE-IF001, when RegExpSecurityFilter and S…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5981
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267312
|
5.3 |
MEDIUM
Network
|
ibm
|
tealeaf_customer_experience
|
The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-5968
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267313
|
5.5 |
MEDIUM
Local
|
ibm
|
rational_asset_analyzer
|
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local users to discover the WAS Admin password by reading IM native logs.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-5967
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267314
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
|
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 6.0.2 before iFix004 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-5955
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267315
|
10.0 |
CRITICAL
Network
|
ge
|
bently_nevada_3500\/22m_usb_firmware
bently_nevada_3500\/22m_serial_firmware
|
General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via…
|
CWE-254
CWE-285
7PK - Security Features
Improper Authorization
|
CVE-2016-5788
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267316
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successf…
|
NVD-CWE-Other
|
CVE-2016-5852
|
2024-11-21 11:55 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267317
|
5.4 |
MEDIUM
Network
|
ibm
|
financial_transaction_manager
|
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users …
|
CWE-79
Cross-site Scripting
|
CVE-2016-5920
|
2024-11-21 11:55 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267318
|
7.5 |
HIGH
Network
|
cisco
|
email_security_appliance
|
A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application …
|
CWE-20
Improper Input Validation
|
CVE-2016-6358
|
2024-11-21 11:55 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267319
|
7.5 |
HIGH
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypas…
|
CWE-388
7PK - Errors
|
CVE-2016-6357
|
2024-11-21 11:55 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267320
|
7.5 |
HIGH
Network
|
cisco
|
email_security_appliance
web_security_appliance
|
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial den…
|
CWE-20
Improper Input Validation
|
CVE-2016-6360
|
2024-11-21 11:55 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
