Skip to main content
CVE-2016-6415 HIGH POC KEV THREAT Act Now

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Cisco Information Disclosure Apple
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
93.0%
Threat
7.3
CVE-2016-5814 HIGH PATCH This Week

Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity.

Rockwell Buffer Overflow RCE Rslogix 500 Professional Edition Rslogix 500 Standard Edition +3
NVD
CVSS 3.0
8.6
EPSS
0.8%
CVE-2016-1483 HIGH This Week

Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Webex Meetings Server
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-6537 HIGH This Week

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eh6108H Firmware
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2016-4526 HIGH This Week

ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. Rated high severity (CVSS 7.5). No vendor patch available.

Abb Information Disclosure Tracer Sc
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-4860 HIGH This Week

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Stardom Fcn Fcj
NVD
CVSS 3.0
7.3
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy