|
268821
|
9.8 |
CRITICAL
Network
|
redhat
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
|
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstat…
|
CWE-199
Information Management Errors
|
CVE-2016-5405
|
2024-11-21 11:54 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268822
|
7.8 |
HIGH
Local
|
pngquant
|
pngquant
|
Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5735
|
2024-11-21 11:54 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268823
|
7.8 |
HIGH
Local
|
php
|
php
|
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary co…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-5399
|
2024-11-21 11:54 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268824
|
2.8 |
LOW
Local
|
oracle
|
solaris_cluster
|
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily "exploitable" vulnerabil…
|
CWE-284
Improper Access Control
|
CVE-2016-5551
|
2024-11-21 11:54 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268825
|
8.8 |
HIGH
Network
|
redhat
|
jboss_bpm_suite
jboss_enterprise_brms_platform
|
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web pag…
|
CWE-352
Origin Validation Error
|
CVE-2016-5401
|
2024-11-21 11:54 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268826
|
9.8 |
CRITICAL
Network
|
novell
|
groupwise
|
Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5762
|
2024-11-21 11:54 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268827
|
6.1 |
MEDIUM
Network
|
novell
|
groupwise
|
Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email.
|
CWE-79
Cross-site Scripting
|
CVE-2016-5761
|
2024-11-21 11:54 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268828
|
6.1 |
MEDIUM
Network
|
novell
|
groupwise
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5760
|
2024-11-21 11:54 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268829
|
7.5 |
HIGH
Network
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information …
|
CWE-200
Information Exposure
|
CVE-2016-5409
|
2024-11-21 11:54 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268830
|
5.5 |
MEDIUM
Local
|
firewalld
redhat
|
firewalld
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
|
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntr…
|
CWE-287
Improper Authentication
|
CVE-2016-5410
|
2024-11-21 11:54 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
