samba: Smb signing not required by default when smb client connection is used for ipc usage

It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...

CVE-2016-2166

The 1 proton.reactor.Connector, 2 proton.reactor.Container, and 3 proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

CVE-2016-2166

The 1 proton.reactor.Connector, 2 proton.reactor.Container, and 3 proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

The vulnerability of the HP System Management Homepage software allows a perpetrator to obtain confidential information or alter data.

The vulnerability of the HP System Management Homepage software relates to errors in the code. Exploiting this vulnerability can allow a local attacker to obtain confidential information or alter data...

Siemens APOGEE Insight Information Disclosure Vulnerability

Siemens APOGEE Insight is a building automation control system from Siemens, Germany. A security vulnerability exists in Siemens APOGEE Insight, which originates when the program assigns weak privileges to the application folder. A local attacker could exploit the vulnerability to obtain sensitiv...

HP System Management Homepage Data Modification Vulnerability

HP System Management Homepage is a Web-based interface published by HP. A security vulnerability exists in HP System Management Homepage that could be exploited by a remote attacker to submit a special request to access or modify data on the system...

HP System Management Homepage Data Modification Vulnerability (CNVD-2016-01741)

HP System Management Homepage is a Web-based interface published by HP. A security vulnerability exists in HP System Management Homepage that could be exploited by a remote attacker to submit a special request to access or modify data on the system...

HP System Management Homepage Data Modification Vulnerability (CNVD-2016-01742)

HP System Management Homepage is a Web-based interface published by HP. A security vulnerability exists in HP System Management Homepage that could be exploited by an attacker to submit a special request to modify data...

CVE-2016-3155

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors...

Design/Logic Flaw

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors...

CVE-2016-3155

Summary: CVE-2016-3155 affects Siemens APOGEE Insight, where the application folder has weak default permissions. This could let an authenticated local user view or modify APOGEE Insight data via unspecified vectors. The vulnerability is not remote-exploitable; exploitation requires OS-level acce...

CVE-2016-1996

HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors...

CVE-2016-1996

HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors...

CVE-2016-1993

HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors...

CVE-2016-1993

CVE-2016-1993 affects HPE System Management Homepage (SMH) prior to version 7.5.4. The vulnerability allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. The initial description does not specify the exact exploit vectors or affected components ...

CVE-2016-1996

Product & impact: HP System Management Homepage (SMH) prior to version 7.5.4 is affected by CVE-2016-1996. What’s affected: SMH component prior to 7.5.4 (

Redaxo CMS SQL Injection Vulnerability

Redaxo CMS is an open source Web portal content management system CMS. The system supports custom modules , plug-in extensions , project backup and so on. SQL injection vulnerabilities exist in Redaxo CMS. Allows attackers to exploit these vulnerabilities to steal cookie-based authentication, tak...

CVE-2015-8269

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number...

The vulnerability of Solaris Cluster software allows a hacker to gain read access to data, modify data, or cause partial service disruption.

The vulnerability of the HA sub-component for MySQL cluster software in Solaris Cluster is related to errors in the code. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data, or cause partial service disruption...

The vulnerability of the Oracle Database database management system allows a hacker to modify data.

The vulnerability of the Security component of the Oracle Database management system is related to errors in the code. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to data modification, addition, or deletion through network packets...