Skip to main content
CVE-2016-2245 CRITICAL Act Now

HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.5% and no vendor patch available.

HP Authentication Bypass Support Assistant
NVD
CVSS 3.0
9.8
EPSS
14.5%
CVE-2015-2286 MEDIUM This Month

lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restrict links on the password-reset page, which allows user-assisted remote attackers to discover. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Open Edx
NVD GitHub
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-0283 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) client web application in IBM WebSphere Application Server (WAS) Liberty Profile 8.5.5 before 8.5.5.9 allows remote attackers to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Websphere Application Server
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-2287 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS 442Sr Os
NVD
CVSS 3.0
6.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy