|
269641
|
9.1 |
CRITICAL
Network
|
apache
|
wicket
|
The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the pe…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-6793
|
2024-11-21 11:56 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269642
|
9.8 |
CRITICAL
Network
|
cloudfoundry
|
cf-mysql-release
cf-release
|
An issue was discovered in Cloud Foundry Foundation Cloud Foundry release versions prior to v245 and cf-mysql-release versions prior to v31. A command injection vulnerability was discovered in a comm…
|
CWE-77
Command Injection
|
CVE-2016-6655
|
2024-11-21 11:56 |
2017-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269643
|
7.5 |
HIGH
Network
|
bluecoat
|
proxysg
cacheflow
advanced_secure_gateway
|
Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning.
|
CWE-254
7PK - Security Features
|
CVE-2016-6594
|
2024-11-21 11:56 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269644
|
7.5 |
HIGH
Network
|
apache
|
cordova
|
Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods (Log.v(), Log.d(), Log.i(), Log.w(), and Log.e()) are stored in a s…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-6799
|
2024-11-21 11:56 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269645
|
5.4 |
MEDIUM
Network
|
redhat
openstack
|
openstack
manila
|
Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in t…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6519
|
2024-11-21 11:56 |
2017-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269646
|
9.8 |
CRITICAL
Network
|
google
|
android
|
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6727
|
2024-11-21 11:56 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269647
|
9.8 |
CRITICAL
Network
|
google
|
android
|
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.
|
NVD-CWE-noinfo
|
CVE-2016-6726
|
2024-11-21 11:56 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269648
|
7.5 |
HIGH
Network
|
redhat
canonical
nettle_project
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
ubuntu_linux
nettle
|
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2016-6489
|
2024-11-21 11:56 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269649
|
9.8 |
CRITICAL
Network
|
sap
|
business_intelligence_platform
|
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), …
|
CWE-89
SQL Injection
|
CVE-2016-6818
|
2024-11-21 11:56 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269650
|
9.8 |
CRITICAL
Network
|
apache
|
tomcat_jk_connector
|
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6808
|
2024-11-21 11:56 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
