CVE-2016-6146 (trex)
The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.
Source: CVE-2016-6146 (trex)
[월:] 2016년 09월
CVE-2016-6146
CVE-2016-6146
The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.
Source: CVE-2016-6146
CVE-2016-6137 (trex)
CVE-2016-6137 (trex)
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
Source: CVE-2016-6137 (trex)
CVE-2016-6137
CVE-2016-6137
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
Source: CVE-2016-6137
CVE-2016-4978 (activemq_artemis)
CVE-2016-4978 (activemq_artemis)
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
Source: CVE-2016-4978 (activemq_artemis)
CVE-2016-4978
CVE-2016-4978
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
Source: CVE-2016-4978
CVE-2016-4058 (policy_center)
CVE-2016-4058 (policy_center)
Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special characters on pages."
Source: CVE-2016-4058 (policy_center)
CVE-2016-4058
CVE-2016-4058
Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special characters on pages."
Source: CVE-2016-4058
CVE-2016-7052 (openssl)
CVE-2016-7052 (openssl)
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
Source: CVE-2016-7052 (openssl)
CVE-2016-7052
CVE-2016-7052
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
Source: CVE-2016-7052