Skip to main content
CVE-2016-1225 MEDIUM This Month

Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Internet Security
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2016-4530 MEDIUM This Month

OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Pi Sql Data Access Server 2016
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2016-1397 MEDIUM This Month

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Buffer Overflow Rv215W Wireless N Vpn Router Firmware Rv110W Wireless N Vpn Firewall Firmware +1
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-4518 MEDIUM This Month

OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Pi Af Server 2016
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-4816 MEDIUM PATCH This Month

BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Wzr 600Dhp3 Firmware Hw 450Hp Zwe Firmware Wzr Hp G450H Firmware Wzr 450Hp Firmware +30
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-1424 MEDIUM This Month

Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco Buffer Overflow iOS
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-1224 MEDIUM This Month

CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Trend Micro Worry Free Business Security Worry Free Business Security Services
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2016-1226 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Trend Micro Internet Security
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-1197 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Garoon
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-1396 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Rv130W Wireless N Multifunction Vpn Router Firmware Rv110W Wireless N Vpn Firewall Firmware Rv215W Wireless N Vpn Router Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-4811 MEDIUM This Month

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Google Authentication Bypass Japan Connected Free Wi Fi
NVD
CVSS 3.0
5.6
EPSS
0.4%
CVE-2016-1223 MEDIUM This Month

Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Trend Micro Microsoft Officescan Worry Free Business Security +1
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2015-7775 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Garoon
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-1191 MEDIUM PATCH This Month

Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Garoon
NVD
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-4821 MEDIUM This Month

I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Etx R Firmware
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2015-7776 MEDIUM PATCH This Month

Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Garoon
NVD
CVSS 3.0
4.3
EPSS
0.6%
CVE-2016-1864 MEDIUM This Month

The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Apple Information Disclosure Safari Iphone Os
NVD
CVSS 3.0
4.3
EPSS
0.5%
CVE-2015-7462 MEDIUM This Month

IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Mq
NVD
CVSS 3.0
4.4
EPSS
0.0%
CVE-2016-1192 MEDIUM PATCH This Month

Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Garoon
NVD
CVSS 3.0
4.3
EPSS
0.3%
CVE-2016-1196 MEDIUM PATCH This Month

Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Garoon
NVD
CVSS 3.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy