Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed. Rated medium severity (CVSS 6.6). No vendor patch available.
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.