|
272541
|
6.5 |
MEDIUM
Network
|
pulsesecure
|
pulse_connect_secure
|
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access re…
|
CWE-284
Improper Access Control
|
CVE-2016-3985
|
2024-11-21 11:51 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272542
|
5.1 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
agent
virusscan_enterprise
host_intrusion_prevention
active_response
data_exchange_layer
endpoint_security
|
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1,…
|
CWE-284
Improper Access Control
|
CVE-2016-3984
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272543
|
7.5 |
HIGH
Network
|
mcafee
|
advanced_threat_defense
|
McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-3983
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272544
|
5.3 |
MEDIUM
Network
|
siemens
|
scalance_s613
|
Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443.
|
NVD-CWE-Other
|
CVE-2016-3963
|
2024-11-21 11:51 |
2016-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272545
|
7.5 |
HIGH
Network
|
sap
|
application_server_java
|
The Java Startup Framework (aka jstart) in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted HTTP request, aka SAP Security Note 2259547.
|
CWE-20
Improper Input Validation
|
CVE-2016-3980
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272546
|
7.5 |
HIGH
Network
|
sap
|
java_as
|
Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service (heap memory corruption and process crash) via a crafted HTTP req…
|
CWE-20
Improper Input Validation
|
CVE-2016-3979
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272547
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3978
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272548
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver_application_server_java
|
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3975
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272549
|
9.1 |
CRITICAL
Network
|
sap
|
netweaver_application_server_java
|
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access…
|
CWE-611
XXE
|
CVE-2016-3974
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272550
|
5.3 |
MEDIUM
Network
|
sap
|
netweaver_application_server_java
|
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/…
|
CWE-200
Information Exposure
|
CVE-2016-3973
|
2024-11-21 11:51 |
2016-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
