|
266341
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IB…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8971
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266342
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_storage_manager
|
IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that acc…
|
CWE-200
Information Exposure
|
CVE-2016-8940
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266343
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via t…
|
CWE-89
SQL Injection
|
CVE-2016-9087
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266344
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parame…
|
CWE-89
SQL Injection
|
CVE-2016-9020
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266345
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute ar…
|
CWE-89
SQL Injection
|
CVE-2016-9019
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266346
|
9.8 |
CRITICAL
Network
|
libupnp_project
debian
|
libupnp
debian_linux
|
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8863
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266347
|
7.5 |
HIGH
Network
|
ca
|
unified_infrastructure_management
|
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA…
|
CWE-22
Path Traversal
|
CVE-2016-9164
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266348
|
6.1 |
MEDIUM
Network
|
ca
|
service_desk_manager
|
Cross-site scripting (XSS) vulnerability in CA Service Desk Manager (formerly CA Service Desk) 12.9 and 14.1 allows remote attackers to inject arbitrary web script or HTML via the QBE.EQ.REF_NUM para…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9148
|
2024-11-21 12:00 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266349
|
5.4 |
MEDIUM
Network
|
tenable
|
log_correlation_engine
|
Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9261
|
2024-11-21 12:00 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266350
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9259
|
2024-11-21 12:00 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
