Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1179 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2017-06-15 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431. | |||||
| CVE-2016-3091 | 1 Cloud Foundry | 1 Diego | 2017-06-15 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service. | |||||
| CVE-2016-7824 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-15 | 6.5 MEDIUM | 8.8 HIGH |
| Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | |||||
| CVE-2016-7822 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-15 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors. | |||||
| CVE-2015-1786 | 1 Zend | 1 Zend Framework | 2017-06-15 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers. | |||||
| CVE-2017-9523 | 1 Sophos | 1 Web Appliance | 2017-06-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. | |||||
| CVE-2016-7823 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-14 | 2.3 LOW | 4.3 MEDIUM |
| Cross-site scripting vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-7825 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands. | |||||
| CVE-2016-7821 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors. | |||||
| CVE-2016-7833 | 1 Cybozu | 1 Dezie | 2017-06-14 | 6.4 MEDIUM | 7.5 HIGH |
| Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | |||||
| CVE-2016-7832 | 1 Cybozu | 1 Dezie | 2017-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | |||||
| CVE-2017-2180 | 1 Ipa | 1 Appgoat | 2017-06-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors. | |||||
| CVE-2016-2034 | 1 Arubanetworks | 1 Clearpass | 2017-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. | |||||
| CVE-2016-9710 | 1 Ibm | 1 Cognos Business Intelligence Server | 2017-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618. | |||||
| CVE-2016-7826 | 1 Buffalotech | 2 Wnc01wh, Wnc01wh Firmware | 2017-06-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests. | |||||
| CVE-2017-2179 | 1 Ipa | 1 Appgoat | 2017-06-14 | 6.8 MEDIUM | 8.8 HIGH |
| Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182. | |||||
| CVE-2015-3295 | 1 Markdown-it Project | 1 Markdown-it | 2017-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| markdown-it before 4.1.0 does not block data: URLs. | |||||
| CVE-2015-6959 | 1 Vindula | 1 Vindula | 2017-06-14 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Vindula 1.9. | |||||
| CVE-2017-9332 | 1 Pivotx | 1 Pivotx | 2017-06-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag. | |||||
| CVE-2017-1305 | 1 Ibm | 1 Rational Doors Next Generation | 2017-06-14 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125459. | |||||