|
267641
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
|
CWE-78
OS Command
|
CVE-2016-6147
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267642
|
5.3 |
MEDIUM
Network
|
sap
|
hana_db
|
The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailed_error_on_c…
|
CWE-200
Information Exposure
|
CVE-2016-6145
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267643
|
8.1 |
HIGH
Network
|
sap
|
hana
|
The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," …
|
CWE-284
Improper Access Control
|
CVE-2016-6144
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267644
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
|
CWE-284
Improper Access Control
|
CVE-2016-6140
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267645
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
|
NVD-CWE-noinfo
|
CVE-2016-6139
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267646
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
|
CWE-22
Path Traversal
|
CVE-2016-6138
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267647
|
6.2 |
MEDIUM
Local
|
xen
citrix
|
xen
xenserver
|
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial …
|
CWE-20
Improper Input Validation
|
CVE-2016-6259
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267648
|
8.8 |
HIGH
Local
|
xen
citrix
|
xen
xenserver
|
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
|
CWE-284
Improper Access Control
|
CVE-2016-6258
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267649
|
7.5 |
HIGH
Network
|
canonical
kde
|
ubuntu_linux
karchives
|
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, r…
|
CWE-22
Path Traversal
|
CVE-2016-6232
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267650
|
7.8 |
HIGH
Local
|
huawei
|
p8_smartphone_firmware
|
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted applica…
|
CWE-264
NVD-CWE-noinfo
Permissions, Privileges, and Access Controls
|
CVE-2016-6193
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
