Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-06-08 CVE-2016-3708 Improper Access Control vulnerability in Redhat Openshift 3.2
Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that (1) contains ONBUILD commands or (2) does not contain a tar binary.
network
low complexity
redhat CWE-284
7.1
2016-06-08 CVE-2016-2160 Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift and Openshift Origin
Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.
network
low complexity
redhat CWE-264
8.8
2016-06-08 CVE-2016-4369 Improper Access Control vulnerability in HP Discovery and Dependency Mapping Inventory 9.30/9.31/9.32
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
network
low complexity
hp CWE-284
8.8
2016-06-08 CVE-2016-4367 Information Exposure vulnerability in HP Universal Cmbd Foundation
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
hp CWE-200
7.5
2016-06-08 CVE-2016-4365 Unspecified vulnerability in HP Insight Control Server Deployment
HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
hp
7.5
2016-06-08 CVE-2016-4364 Unspecified vulnerability in HP Insight Control Server Deployment
HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.
local
low complexity
hp
8.4
2016-06-08 CVE-2016-4362 Unspecified vulnerability in HP Insight Control Server Deployment
HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
network
low complexity
hp
8.1
2016-06-08 CVE-2016-4361 Unspecified vulnerability in HP Loadrunner and Performance Center
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
network
low complexity
hp
7.5
2016-06-08 CVE-2016-4358 Unspecified vulnerability in HP products
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029.
low complexity
hp
8.1
2016-06-08 CVE-2016-4357 Unspecified vulnerability in HP products
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.
network
low complexity
hp
8.1