Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-2789 | 1 Citrix | 1 Xenmobile Server | 2016-12-02 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2016-1976 | 3 Microsoft, Mozilla, Webrtc Project | 3 Windows, Firefox, Webrtc | 2016-12-02 | 6.8 MEDIUM | 5.5 MEDIUM |
Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2016-1988 | 1 Hp | 1 Network Automation | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | |||||
CVE-2016-1989 | 1 Hp | 1 Network Automation | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | |||||
CVE-2016-1992 | 1 Hp | 2 Enterprise Security Manager, Enterprise Security Manager Express | 2016-12-02 | 4.0 MEDIUM | 6.5 MEDIUM |
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
CVE-2016-1993 | 1 Hp | 1 System Management Homepage | 2016-12-02 | 5.5 MEDIUM | 8.1 HIGH |
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||||
CVE-2016-1994 | 1 Hp | 1 System Management Homepage | 2016-12-02 | 4.0 MEDIUM | 6.5 MEDIUM |
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
CVE-2016-1995 | 1 Hp | 1 System Management Homepage | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2016-1996 | 1 Hp | 1 System Management Homepage | 2016-12-02 | 3.6 LOW | 7.7 HIGH |
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | |||||
CVE-2016-2001 | 1 Hp | 1 Universal Cmbd Foundation | 2016-12-02 | 5.8 MEDIUM | 7.4 HIGH |
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors. | |||||
CVE-2016-2071 | 1 Citrix | 3 Netscaler, Netscaler Application Delivery Controller, Netscaler Gateway | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands. | |||||
CVE-2016-2072 | 1 Citrix | 3 Netscaler, Netscaler Application Delivery Controller, Netscaler Gateway | 2016-12-02 | 4.3 MEDIUM | 6.1 MEDIUM |
The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
CVE-2016-2085 | 1 Linux | 1 Linux Kernel | 2016-12-02 | 2.1 LOW | 5.5 MEDIUM |
The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack. | |||||
CVE-2016-2204 | 1 Symantec | 1 Messaging Gateway | 2016-12-02 | 6.5 MEDIUM | 8.2 HIGH |
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input. | |||||
CVE-2016-2243 | 1 Hp | 30 1000 Series Firmware, 700 Series Firmware, 800 Series Firmware and 27 more | 2016-12-02 | 5.4 MEDIUM | 7.9 HIGH |
Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | |||||
CVE-2016-2244 | 1 Hp | 55 A2w75a, A2w76a, A2w77a and 52 more | 2016-12-02 | 5.0 MEDIUM | 5.9 MEDIUM |
HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2016-2299 | 1 Ecava | 1 Integraxor | 2016-12-02 | 7.5 HIGH | 7.3 HIGH |
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2016-1780 | 1 Apple | 1 Iphone Os | 2016-12-02 | 4.3 MEDIUM | 4.3 MEDIUM |
WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted web site. | |||||
CVE-2016-1788 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-02 | 2.6 LOW | 5.9 MEDIUM |
Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages. | |||||
CVE-2016-1789 | 1 Apple | 1 Ibooks Author | 2016-12-02 | 4.3 MEDIUM | 5.5 MEDIUM |
Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |