Skip to main content
CVE-2016-1999 CRITICAL PATCH Act Now

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache HP Java Authentication Bypass Release Control
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2016-4118 HIGH This Week

Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft Connect
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2016-2025 HIGH PATCH This Week

HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Service Manager
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-2309 HIGH This Week

iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ruh2
NVD
CVSS 3.0
7.2
EPSS
0.1%
CVE-2016-2311 MEDIUM This Month

Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Alertwerks Servsensor Junior Firmware Alertwerks Servsensor Contact Firmware Alertwerks Servsensor Firmware
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-0907 MEDIUM This Month

EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Isilon Onefs Isilonsd Edge Onefs
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-2023 MEDIUM PATCH This Month

HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Restful Interface Tool
NVD
CVSS 3.0
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy