|
270771
|
7.5 |
HIGH
Network
|
ibm
|
security_privileged_identity_manager_virtual_appliance
|
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by lever…
|
CWE-310
Cryptographic Issues
|
CVE-2016-5957
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270772
|
5.7 |
MEDIUM
Network
|
ibm
|
tivoli_storage_productivity_center
spectrum_control
|
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2016-5947
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270773
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot…
|
CWE-200
Information Exposure
|
CVE-2016-5946
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270774
|
4.3 |
MEDIUM
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request.
|
CWE-284
Improper Access Control
|
CVE-2016-5945
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270775
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2016-5944
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270776
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_control
|
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properti…
|
CWE-284
Improper Access Control
|
CVE-2016-5943
|
2024-11-21 11:55 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270777
|
8.8 |
HIGH
Local
|
moxa
|
active_opc_server
|
Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2016-5793
|
2024-11-21 11:55 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270778
|
8.4 |
HIGH
Local
|
redhat
|
quickstart_cloud_installer
|
The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force …
|
CWE-254
7PK - Security Features
|
CVE-2016-6340
|
2024-11-21 11:55 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270779
|
8.4 |
HIGH
Local
|
redhat
|
quickstart_cloud_installer
|
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6322
|
2024-11-21 11:55 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270780
|
5.5 |
MEDIUM
Local
|
artifex
opensuse
|
mupdf
leap
opensuse
|
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
|
CWE-416
Use After Free
|
CVE-2016-6265
|
2024-11-21 11:55 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
