Skip to main content
CVE-2016-4465 MEDIUM PATCH This Month

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.4%.

Denial Of Service Apache Struts
NVD
CVSS 3.0
5.3
EPSS
10.4%
CVE-2016-5848 MEDIUM This Month

Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Siemens Sicam Pas Pqs
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2016-0899 MEDIUM This Month

EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Rsa Archer Egrc
NVD
CVSS 3.0
6.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy