Skip to main content
CVE-2016-3013 MEDIUM PATCH This Month

IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Websphere Mq
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-8915 MEDIUM PATCH This Month

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Websphere Mq
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-8986 MEDIUM PATCH This Month

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Websphere Mq
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-9384 MEDIUM PATCH This Month

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9910 MEDIUM PATCH This Month

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Html5Lib
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-9909 MEDIUM PATCH This Month

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Html5Lib
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-3821 MEDIUM This Month

A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2017-3845 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Prime Collaboration Assurance
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3838 MEDIUM This Month

A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Secure Access Control System
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3829 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3828 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3840 MEDIUM This Month

A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Cisco Secure Access Control System
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3833 MEDIUM This Month

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-3052 MEDIUM PATCH This Month

Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Mq
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2017-3827 MEDIUM This Month

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Web Security Appliance Email Security Appliance Firmware
NVD
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-6188 MEDIUM PATCH This Month

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Munin Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-9377 MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Xen
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9378 MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Authentication Bypass Xen
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-3847 MEDIUM This Month

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-3842 MEDIUM This Month

A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Intrusion Prevention System Device Manager
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2017-3839 MEDIUM This Month

An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cisco Secure Access Control System
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2017-3836 MEDIUM This Month

A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
CVSS 3.0
4.3
EPSS
0.3%
CVE-2017-3844 MEDIUM This Month

A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Prime Collaboration Assurance
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2017-3843 MEDIUM This Month

A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Prime Collaboration Assurance
NVD
CVSS 3.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy