Latest CVE Feed
-
5.9
MEDIUMCVE-2016-6231
Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.... Read more
Affected Products : safe_browser- EPSS Score: %0.17
- Published: Aug. 25, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-4069
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors... Read more
- EPSS Score: %1.13
- Published: Aug. 25, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-7089
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.... Read more
Affected Products : rapidstream- EPSS Score: %0.21
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-6909
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.... Read more
- EPSS Score: %71.56
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2016-5812
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.... Read more
- EPSS Score: %0.05
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-5799
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.... Read more
- EPSS Score: %0.59
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-5650
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote attackers to trigger association with an arbitrary access point by using a recognized SSID value.... Read more
- EPSS Score: %1.06
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-5645
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveragin... Read more
- EPSS Score: %30.31
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.... Read more
- EPSS Score: %0.88
- Published: Aug. 24, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-6365
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.... Read more
- EPSS Score: %0.23
- Published: Aug. 23, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-6364
The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.... Read more
Affected Products : unified_communications_manager- EPSS Score: %0.73
- Published: Aug. 23, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-6355
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.... Read more
Affected Products : ios_xr- EPSS Score: %0.74
- Published: Aug. 23, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-1484
Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.... Read more
Affected Products : webex_meetings_server- EPSS Score: %0.25
- Published: Aug. 23, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-1477
Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.... Read more
Affected Products : connected_streaming_analytics- EPSS Score: %0.22
- Published: Aug. 23, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-6363
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 fr... Read more
- EPSS Score: %0.93
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-6362
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.... Read more
- EPSS Score: %0.34
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-6361
The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU h... Read more
- EPSS Score: %1.06
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-6359
Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway Installation Software 4.1(4.0) on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and ... Read more
Affected Products : transport_gateway_installation_software- EPSS Score: %0.25
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025
-
9.8
CRITICALCVE-2016-5817
SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more
Affected Products : webaccess- EPSS Score: %0.32
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025
-
8.1
HIGHCVE-2016-4377
HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1... Read more
Affected Products : converged_infrastructure_solution_sizer_suite insight_management_sizer power_advisor sap_sizing_tool sizer_for_converged_systems_virtualization sizer_for_microsoft_exchange_server_2010 sizer_for_microsoft_exchange_server_2013 sizer_for_microsoft_exchange_server_2016 sizer_for_microsoft_lync_server_2013 sizer_for_microsoft_sharepoint_2010 +5 more products- EPSS Score: %16.88
- Published: Aug. 22, 2016
- Modified: Apr. 12, 2025