|
264901
|
5.3 |
MEDIUM
Network
|
puppet
|
puppet_enterprise
|
The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is …
|
CWE-20
Improper Input Validation
|
CVE-2016-9686
|
2024-11-21 12:01 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264902
|
4.3 |
MEDIUM
Network
|
ibm
|
rational_requirements_composer
rational_doors_next_generation
|
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
|
CWE-200
Information Exposure
|
CVE-2016-9748
|
2024-11-21 12:01 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264903
|
9.1 |
CRITICAL
Network
|
saltstack
|
salt
|
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
|
CWE-284
Improper Access Control
|
CVE-2016-9639
|
2024-11-21 12:01 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264904
|
5.3 |
MEDIUM
Network
|
openafs
|
openafs
|
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC re…
|
CWE-200
Information Exposure
|
CVE-2016-9772
|
2024-11-21 12:01 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264905
|
5.5 |
MEDIUM
Local
|
libtiff
debian
|
libtiff
debian_linux
|
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9532
|
2024-11-21 12:01 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264906
|
5.5 |
MEDIUM
Local
|
webkit
|
webkit
|
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9642
|
2024-11-21 12:01 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264907
|
6.3 |
MEDIUM
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenti…
|
CWE-77
Command Injection
|
CVE-2016-9873
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264908
|
6.1 |
MEDIUM
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected sy…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9872
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264909
|
7.2 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9871
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264910
|
7.8 |
HIGH
Local
|
ibm
|
security_identity_manager
|
IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.
|
CWE-255
Credentials Management
|
CVE-2016-9739
|
2024-11-21 12:01 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
