Skip to main content
CVE-2016-9371 MEDIUM This Month

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Nport 5100 Series Firmware Nport 5200 Series Firmware Nport 5400 Series Firmware Nport 5600 Series Firmware +6
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-8376 MEDIUM This Month

An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Open Redirect Webdatorcentral
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5157 MEDIUM This Month

An issue was discovered in Schneider Electric homeLYnk Controller, LSS100100, all versions prior to V1.5.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Schneider Electric Homelynk Controller Lss100100 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5164 MEDIUM This Month

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Universal Multifunctional Electric Power Quality Meter Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-5811 MEDIUM This Month

An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Powerlink2 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2016-2274 MEDIUM This Month

An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS A850 Telemetry Gateway Base Station Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5163 MEDIUM PATCH This Month

An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Gecko Lite Managed Switch Firmware
NVD
CVSS 3.0
5.9
EPSS
1.0%
CVE-2017-5141 MEDIUM This Month

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Honeywell Information Disclosure Xl Web Ii Controller
NVD
CVSS 3.0
6.0
EPSS
0.5%
CVE-2017-3896 MEDIUM This Month

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Information Disclosure Mcafee Agent
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2016-9357 MEDIUM This Month

An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life (EoL) and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Eamxxx Series Epdu Firmware Emaxxx Series Epdu Firmware Eamaxx Series Epdu Firmware Emaaxx Series Epdu Firmware +1
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2016-9354 MEDIUM This Month

An issue was discovered in Moxa DACenter Versions 1.4 and older. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dacenter
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9339 MEDIUM This Month

An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Interschalt Vdr G4E Firmware
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2016-4546 MEDIUM This Month

Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Samsung Samsung Mobile
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-3902 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Intel Java Epolicy Orchestrator
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1121 MEDIUM PATCH This Month

IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Websphere Application Server
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-5813 MEDIUM This Month

An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Powerlink2 Firmware
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-9355 MEDIUM This Month

An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8015 Point of Care (PC) unit, Version 9.5 and prior versions, and Version 9.7. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Alaris 8015 Pc Unit
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-2787 MEDIUM This Month

The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Puppet Enterprise
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-9346 MEDIUM This Month

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Miineport E1 Firmware Miineport E2 Firmware Miineport E3 Firmware
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-9347 MEDIUM This Month

An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. Rated medium severity (CVSS 5.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Se4801T0X Redundant Wireless I O Card Firmware Se4801T1X Simplex Wireless I O Card Firmware
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2016-8375 MEDIUM This Month

An issue was discovered in Becton, Dickinson and Company (BD) Alaris 8015 Point of Care (PC) unit, Version 9.5 and prior versions, and Version 9.7, and 8000 PC unit. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Alaris 8015 Pc Unit
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2016-8344 LOW Monitor

An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Honeywell Information Disclosure Experion Process Knowledge System
NVD
CVSS 3.0
3.7
EPSS
0.9%
CVE-2016-9348 LOW Monitor

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Nport 5100 Series Firmware Nport 5200 Series Firmware Nport 5400 Series Firmware Nport 5600 Series Firmware +6
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-9338 LOW Monitor

An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell Information Disclosure 1763 L16Awa Series A 1763 L16Awa Series B 1763 L16Bbb Series A +17
NVD
CVSS 3.0
2.7
EPSS
0.0%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy