|
268051
|
5.3 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate …
|
CWE-200
Information Exposure
|
CVE-2016-9725
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268052
|
8.1 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose high…
|
CWE-611
XXE
|
CVE-2016-9724
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268053
|
6.1 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
qradar_incident_forensics
|
IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to …
|
CWE-79
Cross-site Scripting
|
CVE-2016-9723
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268054
|
5.3 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
qradar_incident_forensics
|
IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM Reference #: 1999533.
|
CWE-200
Information Exposure
|
CVE-2016-9720
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268055
|
6.1 |
MEDIUM
Local
|
ibm
|
business_process_manager
websphere
|
IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicio…
|
CWE-20
Improper Input Validation
|
CVE-2016-9693
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268056
|
7.5 |
HIGH
Network
|
webkit
|
webkit
|
The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-9643
|
2024-11-21 12:01 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268057
|
5.9 |
MEDIUM
Network
|
eset
|
endpoint_security
endpoint_antivirus
|
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL s…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-9892
|
2024-11-21 12:01 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268058
|
5.5 |
MEDIUM
Local
|
graphicsmagick
debian
opensuse
|
graphicsmagick
debian_linux
leap
opensuse
|
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
|
CWE-20
Improper Input Validation
|
CVE-2016-9830
|
2024-11-21 12:01 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268059
|
5.5 |
MEDIUM
Local
|
libav
|
libav
|
libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
|
CWE-189
Numeric Errors
|
CVE-2016-9826
|
2024-11-21 12:01 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268060
|
5.5 |
MEDIUM
Local
|
libav
|
libav
|
libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
|
CWE-189
Numeric Errors
|
CVE-2016-9825
|
2024-11-21 12:01 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
