SAP NetWeaver AS JAVA SQL Injection Vulnerability

SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications.SAP NetWeaver AS Java is an application server that runs in NetWeaver and is based on the Java programming language. An SQL injection vulnerability exists...

HPE System Management Homepage Information Disclosure Vulnerability

HPE System Management Homepage is a Web-based interface. The interface consolidates and simplifies the process of single-system management of HP servers running HP-UX, Linux, and Microsoft Windows operating systems. An information disclosure vulnerability exists in HPE System Management Homepage...

CVE-2016-2296

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors...

CVE-2016-2296

CVE-2016-2296 affects Meteocontrol WEB’log Basic 100, Light, Pro and Pro Unlimited. The vulnerability is an authentication bypass allowing access to the post-admin login pages, enabling remote attackers to obtain sensitive information or modify data (unspecified vectors). Technical details are su...

Information disclosure

HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors...

CANDID 'view.php' SQL Injection and Cross Site Scripting Vulnerabilities

CANDID is prone to sql injection and cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-2014

HPE Network Node Manager i NNMi 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...

CVE-2016-2014

HPE Network Node Manager i NNMi 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...

CVE-2016-2014

HPE Network Node Manager i NNMi 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...

CVE-2016-2014

CVE-2016-2014 affects HPE Network Node Manager i (NNMi) versions 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01. The vulnerability allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. The provided connected sources confirm the affected product and the i...

Unspecified Vulnerability in Oracle Sun Solaris Automated Installer Subcomponent

Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability in the Automated Installer subcomponent of Oracle Sun Solaris version 11.3 can be exploited by a remote attacker to update, insert, or delete data, compromising data integrity...

Unspecified vulnerability in Oracle E-Business Suite CRM Wireless component (CNVD-2016-02569)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. An unspecified vulnerability in the Call Phone Number Page subcomponent of the Oracle CRM Wireless component of Oracle E-Business Suite version 12.1.3...

Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Component (CNVD-2016-02579)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, of which Oracle WebLogic Server is an application server component for both cloud and traditional environments. An unspecified vulnerability in the Console...

Unspecified Vulnerability in Oracle Fusion Middleware Business Intelligence Enterprise Edition Component (CNVD-2016-02483)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's Oracle business innovation platform for enterprise and cloud environments, of which Oracle Business Intelligence Enterprise Edition is a business intelligence component. An unspecified vulnerability in the Analytics Scorecard...

Unspecified Vulnerability in Oracle Database Server RDBMS Security Component (CNVD-2016-02583)

Oracle Database Server is a relational database management system from Oracle Corporation, of which RDBMS Security is a database security storage component. An unspecified vulnerability in the RDBMS Security component of Oracle Database Server can be exploited by a local attacker to update, inser...

Oracle Sun Solaris Fwflash Subcomponent Denial of Service Vulnerability

racle Sun Solaris is a Unix-like operating system from Oracle. A security vulnerability in the Fwflash subcomponent of Oracle Sun Solaris version 11.3 can be exploited by a local attacker to create, delete, or modify data, and may also cause a denial of service. The integrity and availability of...

Oracle Retail Applications Unspecified Vulnerability in Oracle Retail Xstore Point of Service Component

Oracle Retail Applications is a set of retail applications store solutions from Oracle Corporation. Oracle Retail Xstore Point of Service is one of the retail point of service management components. An unspecified vulnerability exists in the Xstore Services subcomponent of the Oracle Retail Xstor...

Samba MS-SAMR/MS-LSAD Man-in-the-Middle Attack Vulnerability

Samba is a freeware implementation of the SMB protocol on Linux and UNIX systems, consisting of a server and a client program. Samba versions 3.6.0-4.4.0 have a security vulnerability in the MS-SAMR and MS-LSAD protocols due to not properly handling DCERPC connections. It could allow a...

Samba Security Bypass Vulnerability

Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. The Samba client's Server Message Block SMB signature fails to use the SMB1 protocol, allowing an attacker to exploit this...

Samba Man-in-the-Middle Attack Vulnerability (CNVD-2016-02276)

Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. Samba fails to protect the integrity of IPC traffic, allowing an attacker to exploit this vulnerability as a man-in-the-middle...