|
268661
|
5.4 |
MEDIUM
Network
|
hp
|
system_management_homepage
|
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4393
|
2024-11-21 11:52 |
2016-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268662
|
6.5 |
MEDIUM
Network
|
sap
|
sapcryptolib
|
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka S…
|
CWE-284
Improper Access Control
|
CVE-2016-4407
|
2024-11-21 11:52 |
2016-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268663
|
7.5 |
HIGH
Network
|
sap
|
netweaver
sap_aba
sap_basis
|
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the …
|
CWE-284
Improper Access Control
|
CVE-2016-4551
|
2024-11-21 11:52 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268664
|
8.1 |
HIGH
Network
|
hp
|
keyview
|
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-…
|
NVD-CWE-noinfo
|
CVE-2016-4390
|
2024-11-21 11:52 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268665
|
8.1 |
HIGH
Network
|
hp
|
keyview
|
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-…
|
NVD-CWE-noinfo
|
CVE-2016-4389
|
2024-11-21 11:52 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268666
|
8.1 |
HIGH
Network
|
hp
|
keyview
|
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-…
|
NVD-CWE-noinfo
|
CVE-2016-4388
|
2024-11-21 11:52 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268667
|
8.1 |
HIGH
Network
|
hp
|
keyview
|
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-…
|
NVD-CWE-noinfo
|
CVE-2016-4387
|
2024-11-21 11:52 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268668
|
9.8 |
CRITICAL
Network
|
apache
|
struts
|
Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.
|
NVD-CWE-noinfo
|
CVE-2016-4436
|
2024-11-21 11:52 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268669
|
7.8 |
HIGH
Local
|
hp
|
network_automation
|
HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-4386
|
2024-11-21 11:52 |
2016-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268670
|
7.3 |
HIGH
Network
|
hp
|
network_automation
|
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Jav…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-4385
|
2024-11-21 11:52 |
2016-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
