Skip to main content
CVE-2016-9949 HIGH POC PATCH This Week

An issue was discovered in Apport before 2.20.4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Python Code Injection Apport Ubuntu Linux
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
9.8%
CVE-2016-7454 HIGH POC This Week

CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an attacker to change the Wi-Fi password, open the. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Cisco Xfinity Gateway Router Dpc3941T Firmware
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
1.0%
CVE-2016-9951 MEDIUM POC PATCH This Month

An issue was discovered in Apport before 2.20.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Apport
NVD GitHub Exploit-DB
CVSS 3.0
6.5
EPSS
7.9%
CVE-2016-9950 HIGH POC PATCH This Week

An issue was discovered in Apport before 2.20.4. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Python Apport Ubuntu Linux
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2016-9160 HIGH This Week

A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Siemens Simatic Pcs 7 Simatic Wincc
NVD
CVSS 3.0
8.1
EPSS
0.5%
CVE-2016-9158 HIGH This Week

A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2016-9998 MEDIUM PATCH This Month

SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Spip
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-9997 MEDIUM PATCH This Month

SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Spip
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-9159 MEDIUM This Month

A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
5.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy