Skip to main content
CVE-2016-1665 MEDIUM This Month

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Opensuse Enterprise Linux Desktop Supplementary Enterprise Linux Server Supplementary +3
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2015-8530 MEDIUM This Month

Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Spss Statistics
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2016-2016 MEDIUM PATCH This Month

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

HP Authentication Bypass Base Vxfs 50 Base Vxfs 501 Base Vxfs 51
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-1207 MEDIUM This Month

Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wn G300R2 Firmware Wn G300R3 Firmware Wn G300R Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-1670 MEDIUM This Month

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Google Information Disclosure Chrome Opensuse +1
NVD
CVSS 3.0
5.3
EPSS
0.7%
CVE-2016-1664 MEDIUM This Month

The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Enterprise Linux Desktop Supplementary Enterprise Linux Server Supplementary +3
NVD
CVSS 3.0
4.3
EPSS
1.1%
CVE-2016-1206 MEDIUM This Month

The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wn Gdn R3 Firmware
NVD
CVSS 3.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy