CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2016/08/15 12:0 a.m.•37 views

VMware vRealize Log Insight Directory Traversal Vulnerability (VMSA-2016-0011)

VMware vRealize Log Insight is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.3AI score0.02957EPSS

VMware•added 2016/08/10 12:0 a.m.•70 views

VMSA-2016-0011:vRealize Log Insight update addresses directory traversal vulnerability

VMSA-2016-0011 vRealize Log Insight update addresses directory traversal vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0011 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: vRealize Log Insight update addresses directory...

5.3CVSS6.3AI score0.02957EPSS

Exploits0References5Affected Software1

Tenable Nessus•added 2016/08/10 12:0 a.m.•20 views

VMware vRealize Log Insight 2.x / 3.x < 3.3.2 Multiple Vulnerabilities (VMSA-2016-0008)

The VMware vRealize Log Insight application running on the remote host is 2.x or 3.x prior to 3.3.2. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An...

8.8CVSS7.3AI score0.00765EPSS

Exploits0References4

Citrix•added 2016/07/20 12:0 a.m.•10 views

HDX Insight Diagnostics and Troubleshooting Guide

Citrix ADM, formerly NetScaler MAS Introduction Prerequisites for Configuring HDX Insight Troubleshooting Issues Related to ICA parsing Error Counter details Checklist before Contacting Citrix Technical Support Information to collect before Contacting Citrix Technical support Known Issues...

7AI score

Exploits0

NVD•added 2016/07/03 1:59 a.m.•17 views

CVE-2016-2082

Cross-site request forgery CSRF vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

8.8CVSS9AI score0.00632EPSS

OSV•added 2016/07/03 1:59 a.m.•0 views

CVE-2016-2082

8.8CVSS5.8AI score

NVD•added 2016/07/03 1:59 a.m.•20 views

CVE-2016-2081

Cross-site scripting XSS vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.00765EPSS

OSV•added 2016/07/03 1:59 a.m.•4 views

CVE-2016-2081

Cross-site scripting XSS vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00765EPSS

Prion•added 2016/07/03 1:59 a.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00765EPSS

Prion•added 2016/07/03 1:59 a.m.•14 views

Cross site request forgery (csrf)

6.8CVSS7.6AI score0.00632EPSS

Cvelist•added 2016/07/03 1:0 a.m.•24 views

CVE-2016-2081

Cross-site scripting XSS vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.2AI score0.00765EPSS

Cvelist•added 2016/07/03 1:0 a.m.•27 views

CVE-2016-2082

9AI score0.00632EPSS

CVE•added 2016/07/03 1:0 a.m.•47 views

CVE-2016-2082

CVE-2016-2082 affects VMware vRealize Log Insight 2.x and 3.x prior to 3.3.2. The issue is a cross-site request forgery (CSRF/XSRF) vulnerability that can hijack an authenticated user’s session. The root cause is insufficient CSRF protection for certain actions. A remediation present in the conne...

8.8CVSS8.8AI score0.00632EPSS

CVE•added 2016/07/03 1:0 a.m.•62 views

CVE-2016-2081

The CVE-2016-2081 issue affects VMware vRealize Log Insight 2.x and 3.x prior to 3.3.2, with a cross-site scripting (XSS) vulnerability caused by improper validation of user-supplied input. An unauthenticated, remote attacker could inject arbitrary script or HTML via unspecified vectors, potentia...

6.1CVSS6.5AI score0.00765EPSS

CNVD•added 2016/06/19 12:0 a.m.•3 views

VMware vRealize Log Insight Cross-Site Scripting Vulnerability

VMware vRealize Log Insight is a suite of log management and analysis tools. A cross-site scripting vulnerability in VMware vRealize Log Insight allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information ...

6.1CVSS6.2AI score0.00765EPSS

CNVD•added 2016/06/12 12:0 a.m.•2 views

HPE Systems Insight Manager Denial of Service Vulnerability

HPE Systems Insight Manager that HPE SIM, is the United States of America Hewlett Packard Enterprise Hewlett Packard Enterprise, HPE company's set of HP servers, storage devices for the management of the software, the software provides multi-system management, fault management and event processin...

9.8CVSS6.8AI score0.04426EPSS

CNVD•added 2016/06/12 12:0 a.m.•3 views

HPE Insight Control server deployment elevation of privilege vulnerability

HPE Insight Control server deployment is a set of server management configuration tools from Hewlett Packard Enterprise HPE. An elevation of privilege vulnerability exists in HPE Insight Control server deployment that allows local users to gain privileges via unspecified vectors...

8.4CVSS7.3AI score0.00661EPSS

CNVD•added 2016/06/12 12:0 a.m.•3 views

HPE Insight Control server deployment information disclosure vulnerability

HPE Insight Control server deployment is a set of server management configuration tools from Hewlett Packard Enterprise HPE. An information disclosure vulnerability exists in HPE Insight Control server deployment, which allows remote attackers to obtain sensitive information via unspecified vecto...

7.5CVSS6.3AI score0.03975EPSS

CNVD•added 2016/06/12 12:0 a.m.•4 views

HPE Insight Control server deployment file manipulation vulnerability

HPE Insight Control server deployment is a set of server management configuration tools from Hewlett Packard Enterprise HPE. A file manipulation add, delete, and modify vulnerability exists in HPE Insight Control server deployment, which allows remote attackers to modify data via unspecified...

6.1CVSS6.8AI score0.01796EPSS