Skip to main content
CVE-2016-2279 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rockwell
NVD Exploit-DB VulDB
CVSS 3.1
6.1
EPSS
2.1%
CVE-2016-0704 MEDIUM This Month

An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Oracle
NVD
CVSS 3.0
5.9
EPSS
6.0%
CVE-2016-0703 MEDIUM This Month

The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Oracle
NVD
CVSS 3.0
5.9
EPSS
4.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy