Total
324416 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4642 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings. | ||||
| CVE-2016-4606 | 2 Apple, Haxx | 2 Mac Os X, Curl | 2024-11-21 | 9.8 Critical |
| Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. | ||||
| CVE-2016-4572 | 1 Cloudera | 1 Cdh | 2024-11-21 | 8.8 High |
| In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. | ||||
| CVE-2016-4427 | 1 Zulip | 1 Zulip | 2024-11-21 | 7.5 High |
| In zulip before 1.3.12, deactivated users could access messages if SSO was enabled. | ||||
| CVE-2016-4426 | 1 Zulip | 1 Zulip | 2024-11-21 | 4.3 Medium |
| In zulip before 1.3.12, bot API keys were accessible to other users in the same realm. | ||||
| CVE-2016-4406 | 1 Hp | 3 Integrated Lights-out, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2024-11-21 | N/A |
| A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. | ||||
| CVE-2016-4405 | 1 Hp | 1 Business Service Management | 2024-11-21 | N/A |
| A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 | ||||
| CVE-2016-4404 | 1 Hp | 1 Keyview | 2024-11-21 | N/A |
| A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via a memory allocation issue. | ||||
| CVE-2016-4403 | 1 Hp | 1 Keyview | 2024-11-21 | N/A |
| A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via memory corruption. | ||||
| CVE-2016-4402 | 1 Hp | 1 Keyview | 2024-11-21 | N/A |
| A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow. | ||||
| CVE-2016-4401 | 1 Arubanetworks | 1 Clearpass | 2024-11-21 | 9.8 Critical |
| Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. | ||||
| CVE-2016-4400 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS). | ||||
| CVE-2016-4399 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS). | ||||
| CVE-2016-4398 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization. | ||||
| CVE-2016-4397 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software. | ||||
| CVE-2016-4392 | 1 Hp | 1 Business Service Management | 2024-11-21 | N/A |
| A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1. | ||||
| CVE-2016-4391 | 1 Hp | 1 Arcsight Winc Connector | 2024-11-21 | N/A |
| A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0. | ||||
| CVE-2016-4289 | 1 Gmer | 1 Gmer | 2024-11-21 | 5.5 Medium |
| A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER 2.1.19357 application. A specially created long path can lead to a buffer overflow on the stack resulting in code execution. An attacker needs to create path longer than 99 characters to trigger this vulnerability. | ||||
| CVE-2016-3957 | 1 Web2py | 1 Web2py | 2024-11-21 | N/A |
| The secure_load function in gluon/utils.py in web2py before 2.14.2 uses pickle.loads to deserialize session information stored in cookies, which might allow remote attackers to execute arbitrary code by leveraging knowledge of encryption_key. | ||||
| CVE-2016-3954 | 1 Web2py | 1 Web2py | 2024-11-21 | N/A |
| web2py before 2.14.2 allows remote attackers to obtain the session_cookie_key value via a direct request to examples/simple_examples/status. NOTE: this issue can be leveraged by remote attackers to execute arbitrary code using CVE-2016-3957. | ||||