|
270881
|
9.8 |
CRITICAL
Network
|
openstack
|
python-muranoclient
mitaka-murano
murano-dashboard
murano
|
OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x …
|
CWE-20
Improper Input Validation
|
CVE-2016-4972
|
2024-11-21 11:53 |
2016-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270882
|
6.1 |
MEDIUM
Network
|
redhat
|
jboss_enterprise_application_platform
jboss_wildfly_application_server
|
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary…
|
CWE-93
CWE-113
CRLF Injection
HTTP Response Splitting
|
CVE-2016-4993
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270883
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5175
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270884
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers t…
|
CWE-20
Improper Input Validation
|
CVE-2016-5174
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270885
|
7.1 |
HIGH
Network
|
google
|
chrome
|
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trig…
|
CWE-284
Improper Access Control
|
CVE-2016-5173
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270886
|
6.5 |
MEDIUM
Network
|
google
nodejs
debian
|
chrome
node.js
debian_linux
|
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted Ja…
|
CWE-200
Information Exposure
|
CVE-2016-5172
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270887
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of …
|
CWE-416
Use After Free
|
CVE-2016-5171
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270888
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which al…
|
CWE-416
Use After Free
|
CVE-2016-5170
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270889
|
8.8 |
HIGH
Network
|
google
|
chrome_os
|
Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5169
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270890
|
8.8 |
HIGH
Network
|
iodata
|
hvl-a2.0_firmware
hvl-a3.0_firmware
hvl-a4.0_firmware
hvl-at1.0s_firmware
hvl-at2.0_firmware
hvl-at2.0a_firmware
hvl-at3.0_firmware
hvl-at3.0a_firmware
hvl-at4.0_firmware
h…
|
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmw…
|
CWE-352
Origin Validation Error
|
CVE-2016-4845
|
2024-11-21 11:53 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
