Skip to main content
CVE-2017-6618 MEDIUM This Month

A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Cisco Integrated Management Controller Supervisor
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-6617 MEDIUM This Month

A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Integrated Management Controller Supervisor
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9979 MEDIUM PATCH This Month

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Curam Social Program Management
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9980 MEDIUM PATCH This Month

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Curam Social Program Management
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-3731 MEDIUM This Month

Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Moodle
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-5160 MEDIUM This Month

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2016-4844 MEDIUM This Month

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mailwise
NVD
CVSS 3.0
4.3
EPSS
0.7%
CVE-2016-3733 MEDIUM PATCH This Month

The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Moodle
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-4842 MEDIUM This Month

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mailwise
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-9978 MEDIUM PATCH This Month

IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Curam Social Program Management
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-8923 MEDIUM PATCH This Month

IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Curam Social Program Management
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-1220 MEDIUM This Month

Cybozu Garoon before 4.2.2 does not properly restrict access. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-3732 MEDIUM PATCH This Month

The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Moodle
NVD
CVSS 3.0
4.3
EPSS
0.1%
CVE-2017-3793 MEDIUM This Month

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance Software
NVD
CVSS 3.0
4.0
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy