CVE-2016-2149
Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace.
Source: CVE-2016-2149
[월:] 2016년 06월
CVE-2016-2142 (openshift)
CVE-2016-2142 (openshift)
Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file.
Source: CVE-2016-2142 (openshift)
CVE-2016-2142
CVE-2016-2142
Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file.
Source: CVE-2016-2142
CVE-2016-5108 (debian_linux, vlc_media_player)
CVE-2016-5108 (debian_linux, vlc_media_player)
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
CVE-2016-5108
CVE-2016-5108
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Source: CVE-2016-5108
CVE-2016-4369 (discovery_and_dependency_mapping_inventory)
CVE-2016-4369 (discovery_and_dependency_mapping_inventory)
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Source: CVE-2016-4369 (discovery_and_dependency_mapping_inventory)
CVE-2016-4369
CVE-2016-4369
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Source: CVE-2016-4369
CVE-2016-4368 (universal_cmbd_configuration_manager, universal_cmbd_foundation, universal_discovery)
CVE-2016-4368 (universal_cmbd_configuration_manager, universal_cmbd_foundation, universal_discovery)
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Source: CVE-2016-4368 (universal_cmbd_configuration_manager, universal_cmbd_foundation, universal_discovery)
CVE-2016-4368
CVE-2016-4368
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Source: CVE-2016-4368
CVE-2016-4367 (universal_cmbd_foundation)
CVE-2016-4367 (universal_cmbd_foundation)
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.