Export limit exceeded: 24624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24624 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8625 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. | ||||
| CVE-2016-8624 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use an URL parser that follows the RFC to check for allowed domains before using curl to request them. | ||||
| CVE-2016-8612 | 3 Apache, Netapp, Redhat | 4 Http Server, Storage Automation Store, Enterprise Linux and 1 more | 2024-11-21 | N/A |
| Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. | ||||
| CVE-2016-8611 | 1 Openstack | 1 Glance | 2024-11-21 | N/A |
| A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation. | ||||
| CVE-2016-8535 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | N/A |
| A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found. | ||||
| CVE-2016-8531 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | N/A |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found. | ||||
| CVE-2016-8530 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | ||||
| CVE-2016-8525 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | ||||
| CVE-2016-8521 | 1 Hp | 1 Diagnostics | 2024-11-21 | N/A |
| A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found. | ||||
| CVE-2016-8514 | 1 Hp | 1 Version Control Repository Manager | 2024-11-21 | N/A |
| A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6. | ||||
| CVE-2016-8486 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823691. | ||||
| CVE-2016-8485 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823681. | ||||
| CVE-2016-8220 | 1 Pivotal Software | 1 Gemfire | 2024-11-21 | N/A |
| Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials at a public route. | ||||
| CVE-2016-7475 | 1 F5 | 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 5 more | 2024-11-21 | N/A |
| Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles. | ||||
| CVE-2016-7472 | 1 F5 | 1 Big-ip Application Security Manager | 2024-11-21 | N/A |
| F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request. | ||||
| CVE-2016-7404 | 1 Openstack | 1 Magnum | 2024-11-21 | N/A |
| OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform. | ||||
| CVE-2016-7078 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-11-21 | N/A |
| foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their assigned permissions, e.g. to control viewing, editing and deletion. | ||||
| CVE-2016-7077 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-11-21 | N/A |
| foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated objects. Unauthorized user can see names of such objects if their count is less than 6. | ||||
| CVE-2016-7074 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2024-11-21 | N/A |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading to the possibility of parsing records that are not covered by the TSIG signature. | ||||
| CVE-2016-7073 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2024-11-21 | N/A |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack. | ||||