|
271001
|
7.8 |
HIGH
Local
|
apache
|
openoffice
|
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) …
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2016-1513
|
2024-11-21 11:46 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271002
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper saniti…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2016-1712
|
2024-11-21 11:46 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271003
|
7.8 |
HIGH
Local
|
debian
fedoraproject
perl
opensuse
apache
|
debian_linux
fedora
perl
leap
spamassassin
|
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1238
|
2024-11-21 11:46 |
2016-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271004
|
7.8 |
HIGH
Local
|
novell
|
filr
|
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's conten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1611
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271005
|
7.5 |
HIGH
Network
|
novell
|
filr
|
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrict…
|
CWE-22
Path Traversal
|
CVE-2016-1610
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271006
|
5.4 |
MEDIUM
Network
|
novell
|
filr
|
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1609
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271007
|
8.8 |
HIGH
Network
|
novell
|
filr
|
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer pa…
|
CWE-284
Improper Access Control
|
CVE-2016-1608
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271008
|
7.2 |
HIGH
Network
|
novell
|
filr
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administr…
|
CWE-352
Origin Validation Error
|
CVE-2016-1607
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271009
|
6.5 |
MEDIUM
Network
|
netiq
|
sentinel
|
Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileT…
|
CWE-22
Path Traversal
|
CVE-2016-1605
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271010
|
7.5 |
HIGH
Network
|
cisco
|
asyncos
|
Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932.
|
CWE-20
Improper Input Validation
|
CVE-2016-1461
|
2024-11-21 11:46 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
