Skip to main content
CVE-2016-2290 HIGH This Week

Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Proface Gp Pro Ex Ex Ed Proface Gp Pro Ex Pfxexedls +2
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2016-1174 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Casebook Plugin
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-1172 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Casebook Plugin
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-1170 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to hijack the authentication of administrators. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Casebook Plugin
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-1290 HIGH This Week

The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Evolved Programmable Network Manager Prime Infrastructure Opensolaris
NVD
CVSS 3.0
8.1
EPSS
0.2%
CVE-2015-6312 HIGH This Week

Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow Emc Powerscale Onefs Jr6150 Firmware +2
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-0871 HIGH This Week

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eg2 Web Control
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2015-6313 HIGH This Week

Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Opensolaris Gs1900 10Hp Firmware Keymouse Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-2272 HIGH This Week

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impact via a modified cookie. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Eg2 Web Control
NVD
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy