4423 matches found
CVE-2016-1428
CVE-2016-1428 is a Cisco IOS XE SNMP subsystem vulnerability described as a double‑free error in the SNMP processing path. According to sources, it affects Cisco IOS XE releases 3.15S, 3.16S, and 3.17S and can be exploited by an authenticated, remote attacker via crafted SNMP read requests to tri...
CVE-2016-0914
EMC Documentum WebTop and related components are affected by CVE-2016-0914. The vulnerability allows remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. Affected products/versions and patches (as described): WebTo...
PT-2016-6217 · Red Hat +3 · Ceph +3
Name of the Vulnerable Software and Affected Versions: Ceph (affected versions not specified). Description: The issue allows remote authenticated users to cause a denial of service, resulting in a segmentation fault and ceph monitor crash. This can be achieved by sending an empty or crafted prefix t...
CVE-2016-4518
OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message...
CVE-2016-4514
Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy...
CVE-2016-1192
Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors...
CVE-2016-0912
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation...
CVE-2016-1192
The CVE-2016-1192 issue affects Cybozu Garoon 3.7–4.2, with a vulnerability in the logging function that allows remote authenticated users to read restricted log files via directory traversal. The root cause is in the logging path (directory traversal in the logging function), and the JVN and NVD...
CVE-2016-4514
The CVE-2016-4514 issue affects Moxa PT-7728 Series Switches (software 3.4 build 15081113). The vulnerability is improper authorization, enabling remote authenticated users to change switch configuration via vectors involving a local proxy, with remote exploitability reported by ICS-CERT/Tenable ...
CVE-2016-1397
Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted...
CVE-2016-4813
NetCommons 2.4.2.1 and earlier are affected by a privilege-escalation flaw where a remote authenticated secretariat user (CLERK) can create a SYSTEM_ADMIN account, granting full admin rights. The root cause is elevation of privileges within the NetCommons privilege model, enabling CLERK to gain a...
CVE-2016-3226
CVE-2016-3226 describes a denial-of-service vulnerability in Microsoft Active Directory on Windows Server 2008 R2 SP1 and Windows Server 2012/2012 R2. An authenticated attacker with privileges to join machines to the domain can cause the AD service to become nonresponsive by creating a large numb...
DEBIAN-CVE-2016-4911
The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
CVE-2016-4911
The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
CVE-2016-4911
The CVE-2016-4911 entry affects OpenStack Identity (Keystone) in the Fernet Token Provider (9.0.x prior to 9.0.1, Mitaka). The root cause is a token rescoping flaw that allows remote authenticated users to bypass access restrictions and potentially prevent revocation of a token chain. This could ...
CVE-2016-4370
HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors...
CVE-2016-3708
Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that (1) contain...