CVE-2016-4385

Daily Hot! Security news Exploit updates Blogs review Bugbounty Linux vulnerabilities Scanners plugins updates CVE Feed Security Tools Firefox vulnerabilities CVSS High Score Windows Vulnerabilities Popular in social networks Wild exploited log4j news

mskb

Description of the security update for Microsoft Exchange Server 2013 and 2016: August 14, 2018

None Summary This security update resolves vulnerabilities in Microsoft Exchange. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE): Microsoft Common Vulnerabilities and Exposures CVE-2018-8302 Microsoft Common Vulnerabilities and Exposures...

10.0 CVSS

2018-08-14T07:00:00

impervablog

Deserialization Attacks Surge Motivated by Illegal Crypto-mining

Imperva’s research group is constantly monitoring new web application vulnerabilities. In doing so, we’ve noticed at least four major insecure deserialization vulnerabilities that were published in the past year. Our analysis shows that, in the past three months, the number of deserialization...

10.0 CVSS

2018-01-24T17:45:08

nessus

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20170116)

Security Fix(es) : A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response....

5 CVSS

2017-01-17T00:00:00

nessus

GLSA-201612-54 : Chicken: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201612-54 (Chicken: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chicken. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute...

9 CVSS

2017-01-03T00:00:00

nessus

HP Network Automation RMI Registry Java Object Deserialization RCE

The HP Network Automation application running on the remote host is version 9.1x, 9.2x, 10.00.x prior to 10.00.02.01, 10.10.x, or 10.11.x prior to 10.11.00.01. It is, therefore, affected by a remote code execution vulnerability in the RMI registry due to unsafe deserialize calls of unauthenticated...

7.5 CVSS

2016-10-04T00:00:00

cve

CVE-2016-4385

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils...

7.5 CVSS

2016-09-29T14:59:00

zdi

Hewlett Packard Enterprise Network Automation RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry on TCP port 6099. By sending a...

7.5 CVSS

2016-09-21T00:00:00

openvas

FreeBSD Ports: win32-codecs

The remote host is missing an update to the system as announced in the referenced advisory. # VID 24f6b1eb-43d5-11db-81e1-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke reinke@securityspace.com Copyright: Copyright...

5.1 CVSS

2008-09-04T00:00:00

nessus

GLSA-200803-08 : Win32 binary codecs: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-08 (Win32 binary codecs: Multiple vulnerabilities) Multiple buffer overflow, heap overflow, and integer overflow vulnerabilities were discovered in the Quicktime plugin when processing MOV, FLC, SGI, H.264 and FPX...

9.3 CVSS

2008-03-07T00:00:00

0 of total 9