Skip to main content
CVE-2016-1142 CRITICAL Act Now

Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Acmailer
NVD
CVSS 3.0
9.1
EPSS
0.7%
CVE-2015-6863 HIGH PATCH This Week

HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Arcsight Logger
NVD
CVSS 3.0
7.3
EPSS
2.5%
CVE-2015-6864 MEDIUM PATCH This Month

HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

RCE Arcsight Logger
NVD
CVSS 3.0
6.3
EPSS
0.7%
CVE-2016-1294 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Management Center in Cisco FireSIGHT System Software 6.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted cookie, aka Bug. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Firesight System Software
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-1293 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Firesight System Software
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-1295 MEDIUM This Month

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Software
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-1133 LOW Monitor

CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta3 allows remote attackers to inject arbitrary HTTP headers and conduct. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Code Injection H2O
NVD GitHub
CVSS 3.0
3.7
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy