|
271071
|
9.8 |
CRITICAL
Network
|
apache
opensuse
|
xerces-c\+\+
opensuse
|
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML d…
|
NVD-CWE-Other
|
CVE-2016-2099
|
2024-11-21 11:47 |
2016-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271072
|
7.8 |
HIGH
Local
|
google
|
android
|
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly vali…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2060
|
2024-11-21 11:47 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271073
|
8.1 |
HIGH
Network
|
hp
|
network_node_manager_i
|
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-2014
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271074
|
6.5 |
MEDIUM
Network
|
hp
|
network_node_manager_i
|
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-2013
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271075
|
6.5 |
MEDIUM
Network
|
hp
|
network_node_manager_i
|
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2016-2012
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271076
|
5.4 |
MEDIUM
Network
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2011
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271077
|
5.4 |
MEDIUM
Network
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2010
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271078
|
8.8 |
HIGH
Network
|
hp
|
network_node_manager_i
|
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache …
|
CWE-284
Improper Access Control
|
CVE-2016-2009
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271079
|
7.5 |
HIGH
Network
|
jboss
|
enterprise_application_platform
|
The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability.
|
CWE-399
Resource Management Errors
|
CVE-2016-2094
|
2024-11-21 11:47 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271080
|
7.8 |
HIGH
Local
|
linux
google
|
linux_kernel
nexus_5x_firmware
nexus_6p_firmware
|
The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributio…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2062
|
2024-11-21 11:47 |
2016-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
