10441 matches found
CVE-2016-4375
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause...
Command Execution Vulnerability in Huawei UMA
Huawei UMA (Unified Maintenance Audit) is a unified audit system. It provides a unified O&M operation portal, controls and records O&M operations performed by users, and supports auditing by command view and video playback. A command execution vulnerability exists in Huawei UMA. As the system does...
Cybozu Garoon vulnerable to SQL injection
Overview: Cybozu Garoon, provided by Cybozu, Inc., is a groupware. Cybozu Garoon contains an SQL injection vulnerability in the "Messages" function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the...
Huawei OceanStor ISM Product Cross-Site Scripting Vulnerability
OceanStor ISM is an integrated system management software that can manage CSS, view alerts and some basic information about CSS, and do some basic configuration, etc. A cross-site scripting vulnerability exists in the management interface of OceanStor ISM, due to the system not translating specia...
Authentication flaw
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that...
ReadyDesk SQL Injection Vulnerability
ReadyDesk is a Web-based helpdesk software solution from ReadyDesk, Inc. A SQL injection vulnerability exists in ReadyDesk version 9.1, which can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...
Cross-Site Scripting
Overview: Affected versions of jqtree are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. When a user attempts to drag a node to a different position in the hierarchy, script content existing within the node will be executed. Recommendation: Update to...
Oracle Java SE Multiple Unspecified Vulnerabilities-03 (Jul 2016) - Windows
Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre";...
Oracle Java SE Multiple Unspecified Vulnerabilities-01 (Jul 2016) - Windows
Oracle Java SE is prone to multiple unspecified vulnerabilities.
Oracle Java SE Multiple Unspecified Vulnerabilities-01 (Jul 2016) - Linux
Oracle Java SE is prone to multiple unspecified vulnerabilities.
TYPO3 'Another Simple Gallery' Extension SQL Injection Vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) maintained by the TYPO3 Association in Switzerland. Another Simple Gallery is a gallery extension plugin that displays images based on catalogs and categories. A SQL injection vulnerability exists in TYPO3 'Anothe...
Unspecified Vulnerability in Oracle Sun Systems Products Suite ILOM Component (CNVD-2016-05276)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation. ILOM (Integrated Lights Out Manager) is one of the system management components that comes pre-installed on x86-based servers and SPARC-based servers. A security vulnerability exists in the SNMP subcomponen...
Unspecified Vulnerability in Oracle Sun Systems Products Suite ILOM Component (CNVD-2016-05299)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation. ILOM (Integrated Lights Out Manager) is one of the system management components that comes pre-installed on x86-based servers and SPARC-based servers. A security vulnerability exists in the Web subcomponent...
Unspecified Vulnerability in Oracle Siebel CRM Siebel UI Framework Component (CNVD-2016-05473)
Oracle Siebel CRM is a set of customer relationship management solutions from the US company Oracle, which includes sales management, marketing management, customer service systems, call centers and other modules. Siebel UI Framework is one of the framework components based on the...
Unspecified Vulnerability in Oracle Sun Solaris Verified Boot Subcomponent (CNVD-2016-05356)
Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability exists in the Verified Boot subcomponent of Oracle Sun Solaris version 11.3. A local attacker could exploit this vulnerability to update, insert, or delete data, which could also cause a denial of...
Unspecified Vulnerability in Oracle Supply Chain Products Suite Oracle Agile PLM Component (CNVD-2016-05439)
Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle, which provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile PLM (Product Lifecycle Management) is one of the lifecycle management components. Oracle Agile PLM Product...
Intuit QuickBooks SQL Injection Vulnerability
Intuit QuickBooks is a suite of small financial management software from Intuit, USA. A SQL injection vulnerability exists in Intuit QuickBooks versions 2007 to 2016, which can be exploited by an attacker to take full control of the program and access or modify data...
HP Service Manager Multiple Vulnerabilities (Jul 2016)
HP Service Manager is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hp:servicemanager"; if...
CVE-2016-1443
CVE-2016-1443 affects Cisco AMP Threat Grid Appliance before 2.1.1. The vulnerability lies in the virtual network stack, allowing an unauthenticated remote attacker to bypass sandboxing via a crafted malware sample and to obtain or modify interprocess data. Cisco’s advisory confirms exploitation ...
The vulnerability of the InfoSphere Information Server software platform, which allows a perpetrator to circumvent existing access control rules
The vulnerability of the Connector Migration Tool component of the InfoSphere Information Server software platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions related to data creation and...