243601
|
7.5 |
HIGH
ネットワーク
cisco
|
ios ios_xe
|
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parame…
|
CWE-399
リソース管理の問題
|
CVE-2016-1349
|
2016-12-3 12:20 |
2016-03-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243602
|
9.8 |
CRITICAL
ネットワーク
cisco
|
unified_computing_system_central_software
|
Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856.
|
CWE-78
OSコマンド・インジェクション
|
CVE-2016-1352
|
2016-12-3 12:20 |
2016-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243603
|
5.3 |
MEDIUM
ネットワーク
cisco
|
videoscape_distribution_suite_for_internet_streaming
|
The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is…
|
CWE-399
リソース管理の問題
|
CVE-2016-1353
|
2016-12-3 12:20 |
2016-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243604
|
6.1 |
MEDIUM
ネットワーク
|
cisco
|
firesight_system_software
|
Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Software 6.1.0 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2016-1355
|
2016-12-3 12:20 |
2016-03-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243605
|
3.7 |
LOW
ネットワーク
|
cisco
|
firesight_system_software
|
Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing dif…
|
CWE-287 CWE-255
不適切な認証 証明書・パスワード管理
|
CVE-2016-1356
|
2016-12-3 12:20 |
2016-03-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243606
|
7.1 |
HIGH
ローカル
|
cisco
|
prime_lan_management_solution
|
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveragin…
|
CWE-200
情報漏えい
|
CVE-2016-1360
|
2016-12-3 12:20 |
2016-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243607
|
5.3 |
MEDIUM
隣接
|
cisco
|
ios_xr
|
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to…
|
CWE-399
リソース管理の問題
|
CVE-2016-1361
|
2016-12-3 12:20 |
2016-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243608
|
7.5 |
HIGH
ネットワーク
cisco
|
aireos
|
Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka …
|
CWE-399
リソース管理の問題
|
CVE-2016-1362
|
2016-12-3 12:20 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243609
|
6.5 |
MEDIUM
ネットワーク
|
cisco
|
ios_xr
|
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denia…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2016-1366
|
2016-12-3 12:20 |
2016-03-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243610
|
5.3 |
MEDIUM
ネットワーク
cisco
|
ios_xr
|
Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (CRC and symbol errors, and interface flap) via crafted bit patterns in packets, a…
|
CWE-20
不適切な入力確認
|
CVE-2016-1376
|
2016-12-3 12:20 |
2016-04-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243611
|
6.1 |
MEDIUM
ネットワーク
|
cisco
|
unity_connection
|
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2016-1377
|
2016-12-3 12:20 |
2016-04-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243612
|
5.3 |
MEDIUM
ネットワーク
cisco
|
ios
|
Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) por…
|
CWE-200
情報漏えい
|
CVE-2016-1378
|
2016-12-3 12:20 |
2016-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243613
|
7.5 |
HIGH
ネットワーク
cisco
|
ios ios_xe
|
The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.
|
CWE-264
認可・権限・アクセス制御
|
CVE-2016-1384
|
2016-12-3 12:20 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243614
|
7.5 |
HIGH
ネットワーク
cisco
|
application_policy_infrastructure_controller_enterprise_module
|
The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka B…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2016-1386
|
2016-12-3 12:20 |
2016-04-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243615
|
7.4 |
HIGH
ネットワーク
|
cisco
|
webex_meetings_server
|
Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID…
|
NVD-CWE-Other
|
CVE-2016-1389
|
2016-12-3 12:20 |
2016-04-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243616
|
7.4 |
HIGH
ネットワーク
|
cisco
|
webex_meetings_server
|
<a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
|
NVD-CWE-Other
|
CVE-2016-1389
|
2016-12-3 12:20 |
2016-04-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243617
|
9.8 |
CRITICAL
ネットワーク
adobe
|
acrobat acrobat_dc acrobat_reader acrobat_reader_dc
|
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attacker…
|
CWE-119
バッファエラー
|
CVE-2016-1007
|
2016-12-3 12:19 |
2016-03-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243618
|
8.4 |
HIGH
ローカル
|
adobe
|
acrobat acrobat_dc acrobat_reader acrobat_reader_dc
|
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.2…
|
CWE-20
不適切な入力確認
|
CVE-2016-1008
|
2016-12-3 12:19 |
2016-03-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243619
|
9.8 |
CRITICAL
ネットワーク
adobe
|
acrobat acrobat_dc acrobat_reader acrobat_reader_dc
|
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attacker…
|
CWE-119
バッファエラー
|
CVE-2016-1009
|
2016-12-3 12:19 |
2016-03-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243620
|
5.9 |
MEDIUM
ネットワーク
|
samba
|
samba
|
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial…
|
CWE-119
バッファエラー
|
CVE-2016-0771
|
2016-12-3 12:18 |
2016-03-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243621
|
6.8 |
MEDIUM
ローカル
|
linux google
|
linux_kernel android
|
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-…
|
CWE-20
不適切な入力確認
|
CVE-2016-0774
|
2016-12-3 12:18 |
2016-04-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243622
|
9.8 |
CRITICAL
ネットワーク
advantech
|
webaccess
|
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to …
|
NVD-CWE-Other
|
CVE-2016-0854
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243623
|
9.8 |
CRITICAL
ネットワーク
advantech
|
webaccess
|
<a href="http://cwe.mitre.org/data/definitions/434.html">CWE-434: Unrestricted Upload of File with Dangerous Type</a>
|
NVD-CWE-Other
|
CVE-2016-0854
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243624
|
7.5 |
HIGH
ネットワーク
advantech
|
webaccess
|
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.
|
CWE-22
パス・トラバーサル
|
CVE-2016-0855
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243625
|
9.8 |
CRITICAL
ネットワーク
advantech
|
webaccess
|
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
バッファエラー
|
CVE-2016-0856
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243626
|
9.8 |
CRITICAL
ネットワーク
advantech
|
webaccess
|
Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
バッファエラー
|
CVE-2016-0857
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243627
|
8.1 |
HIGH
ネットワーク
|
advantech
|
webaccess
|
Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.
|
CWE-362 CWE-119
競合状態 バッファエラー
|
CVE-2016-0858
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243628
|
9.8 |
CRITICAL
ネットワーク
advantech
|
webaccess
|
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC…
|
CWE-189
数値処理の問題
|
CVE-2016-0859
|
2016-12-3 12:18 |
2016-01-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243629
|
4.4 |
MEDIUM
ローカル
|
oracle
|
mysql
|
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.
|
NVD-CWE-noinfo
|
CVE-2016-0667
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243630
|
6.0 |
MEDIUM
ローカル
|
oracle
|
solaris
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.
|
NVD-CWE-noinfo
|
CVE-2016-0669
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243631
|
3.7 |
LOW
ネットワーク
|
oracle
|
http_server
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.
|
NVD-CWE-noinfo
|
CVE-2016-0671
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243632
|
6.1 |
MEDIUM
ネットワーク
|
oracle
|
flexcube_direct_banking
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via v…
|
NVD-CWE-noinfo
|
CVE-2016-0672
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243633
|
5.4 |
MEDIUM
ネットワーク
|
oracle
|
siebel_ui_framework
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UI…
|
NVD-CWE-noinfo
|
CVE-2016-0673
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243634
|
4.4 |
MEDIUM
ローカル
|
oracle
|
siebel_core-common_components
|
Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email.
|
NVD-CWE-noinfo
|
CVE-2016-0674
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243635
|
4.7 |
MEDIUM
ローカル
|
oracle
|
solaris
|
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel.
|
NVD-CWE-noinfo
|
CVE-2016-0676
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243636
|
5.9 |
MEDIUM
ネットワーク
|
oracle
|
database
|
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-0677
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243637
|
6.7 |
MEDIUM
ローカル
|
oracle
|
vm_virtualbox
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors…
|
NVD-CWE-noinfo
|
CVE-2016-0678
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243638
|
8.7 |
HIGH
ネットワーク
|
oracle
|
peoplesoft_enterprise_peopletools
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect integrity and availability …
|
NVD-CWE-noinfo
|
CVE-2016-0679
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243639
|
5.4 |
MEDIUM
ネットワーク
|
oracle
|
peoplesoft_supply_chain_management_eprocurement
|
Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors re…
|
NVD-CWE-noinfo
|
CVE-2016-0680
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243640
|
7.8 |
HIGH
ローカル
|
oracle
|
olap
|
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspeci…
|
NVD-CWE-noinfo
|
CVE-2016-0681
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243641
|
5.4 |
MEDIUM
ネットワーク
|
oracle
|
peoplesoft_enterprise_peopletools
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integri…
|
NVD-CWE-noinfo
|
CVE-2016-0683
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243642
|
6.5 |
MEDIUM
ネットワーク
|
oracle
|
micros_arspos
|
Unspecified vulnerability in the Oracle Retail MICROS ARS POS component in Oracle Retail Applications 1.5 allows remote authenticated users to affect confidentiality via vectors related to POS.
|
NVD-CWE-noinfo
|
CVE-2016-0684
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243643
|
5.4 |
MEDIUM
ネットワーク
|
oracle
|
peoplesoft_enterprise_peopletools
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integri…
|
NVD-CWE-noinfo
|
CVE-2016-0685
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243644
|
3.3 |
LOW
ローカル
|
oracle
|
database
|
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerabil…
|
NVD-CWE-noinfo
|
CVE-2016-0690
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243645
|
3.3 |
LOW
ローカル
|
oracle
|
database
|
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerabil…
|
NVD-CWE-noinfo
|
CVE-2016-0691
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243646
|
9.8 |
CRITICAL
ネットワーク
oracle
|
solaris
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.
|
NVD-CWE-noinfo
|
CVE-2016-0693
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243647
|
6.0 |
MEDIUM
ローカル
|
oracle
|
application_object_library
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity v…
|
NVD-CWE-noinfo
|
CVE-2016-0697
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243648
|
5.4 |
MEDIUM
ネットワーク
|
oracle
|
peoplesoft_enterprise_peopletools
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integri…
|
NVD-CWE-noinfo
|
CVE-2016-0698
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
243649
|
9.1 |
CRITICAL
ネットワーク
oracle
|
flexcube_direct_banking
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via v…
|
NVD-CWE-noinfo
|
CVE-2016-0699
|
2016-12-3 12:17 |
2016-04-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
243650
|
4.3 |
MEDIUM
ネットワーク
|
ibm
|
db2 db2_connect
|
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA mess…
|
CWE-20
不適切な入力確認
|
CVE-2016-0211
|
2016-12-3 12:16 |
2016-04-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|