|
268181
|
7.5 |
HIGH
Network
|
vmware
ibm
|
spring_security
websphere_application_server
|
An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraint…
|
CWE-417
Channel and Path Errors
|
CVE-2016-9879
|
2024-11-21 12:01 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268182
|
5.5 |
MEDIUM
Local
|
emc
|
scaleio
|
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO …
|
CWE-275
Permission Issues
|
CVE-2016-9869
|
2024-11-21 12:01 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268183
|
5.5 |
MEDIUM
Local
|
emc
|
scaleio
|
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which …
|
CWE-254
7PK - Security Features
|
CVE-2016-9868
|
2024-11-21 12:01 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268184
|
8.8 |
HIGH
Local
|
emc
|
scaleio
|
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9867
|
2024-11-21 12:01 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268185
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain pri…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-9754
|
2024-11-21 12:01 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268186
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9846
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268187
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A …
|
CWE-200
Information Exposure
|
CVE-2016-9845
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268188
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A pri…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2016-9776
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268189
|
5.4 |
MEDIUM
Network
|
dotclear
|
dotclear
|
Cross-site scripting (XSS) vulnerability in admin/media.php and admin/media_item.php in Dotclear before 2.11 allows remote authenticated users to inject arbitrary web script or HTML via the upfiletit…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9891
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268190
|
7.5 |
HIGH
Network
|
pivotal_software
vmware
|
spring_framework
|
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result expose…
|
CWE-22
Path Traversal
|
CVE-2016-9878
|
2024-11-21 12:01 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
