Skip to main content
CVE-2016-0800 MEDIUM POC THREAT This Month

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 90.4%.

OpenSSL Information Disclosure Oracle Client Steel Belted Radius
NVD
CVSS 3.0
5.9
EPSS
90.4%
Threat
5.4
CVE-2016-2562 MEDIUM PATCH This Month

The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

PHP Information Disclosure Phpmyadmin
NVD GitHub
CVSS 3.0
6.8
EPSS
0.2%
CVE-2016-2560 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS PHP Phpmyadmin
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2016-2561 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS PHP Phpmyadmin
NVD GitHub
CVSS 3.0
5.4
EPSS
0.5%
CVE-2016-2559 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS PHP Phpmyadmin
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-1353 MEDIUM This Month

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Videoscape Distribution Suite For Internet Streaming
NVD
CVSS 3.0
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy