|
265791
|
5.3 |
MEDIUM
Network
|
openafs
|
openafs
|
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC re…
|
CWE-200
Information Exposure
|
CVE-2016-9772
|
2024-11-21 12:01 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265792
|
5.5 |
MEDIUM
Local
|
libtiff
debian
|
libtiff
debian_linux
|
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9532
|
2024-11-21 12:01 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265793
|
5.5 |
MEDIUM
Local
|
webkit
|
webkit
|
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9642
|
2024-11-21 12:01 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265794
|
6.3 |
MEDIUM
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenti…
|
CWE-77
Command Injection
|
CVE-2016-9873
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265795
|
6.1 |
MEDIUM
Network
|
emc
|
documentum_d2
|
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected sy…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9872
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265796
|
7.2 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9871
|
2024-11-21 12:01 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265797
|
7.8 |
HIGH
Local
|
ibm
|
security_identity_manager
|
IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.
|
CWE-255
Credentials Management
|
CVE-2016-9739
|
2024-11-21 12:01 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265798
|
6.1 |
MEDIUM
Network
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9704
|
2024-11-21 12:01 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265799
|
2.4 |
LOW
Physics
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information.
|
CWE-384
Session Fixation
|
CVE-2016-9703
|
2024-11-21 12:01 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265800
|
5.4 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9731
|
2024-11-21 12:01 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
