|
266581
|
9.8 |
CRITICAL
Network
|
openstack
|
magnum
|
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API acces…
|
CWE-200
Information Exposure
|
CVE-2016-7404
|
2024-11-21 11:57 |
2019-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266582
|
9.8 |
CRITICAL
Network
|
redhat
|
kie-server
|
It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access…
|
-
|
CVE-2016-7043
|
2024-11-21 11:57 |
2019-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266583
|
5.5 |
MEDIUM
Local
|
capstone-engine
|
capstone
|
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-7151
|
2024-11-21 11:57 |
2019-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266584
|
7.8 |
HIGH
Local
|
redhat
|
jboss_enterprise_application_platform
|
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execut…
|
CWE-275
Permission Issues
|
CVE-2016-7066
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266585
|
5.9 |
MEDIUM
Network
|
powerdns
debian
|
authoritative
recursor
debian_linux
|
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insuf…
|
CWE-20
Improper Input Validation
|
CVE-2016-7074
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266586
|
5.9 |
MEDIUM
Network
|
powerdns
debian
|
authoritative
recursor
debian_linux
|
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insuf…
|
CWE-20
Improper Input Validation
|
CVE-2016-7073
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266587
|
8.0 |
HIGH
Adjacent
|
redhat
|
ansible_tower
|
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-7070
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266588
|
7.5 |
HIGH
Network
|
powerdns
|
dnsdist
|
An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the re…
|
CWE-20
Improper Input Validation
|
CVE-2016-7069
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266589
|
7.5 |
HIGH
Network
|
powerdns
debian
|
authoritative
recursor
debian_linux
|
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the Power…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-7068
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266590
|
4.3 |
MEDIUM
Network
|
redhat
|
cloudforms
cloudforms_management_engine
|
A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenant…
|
CWE-200
Information Exposure
|
CVE-2016-7047
|
2024-11-21 11:57 |
2018-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
