Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4815 | 1 Buffalo | 12 Wzr-600dhp2, Wzr-600dhp2 Firmware, Wzr-600dhp3 and 9 more | 2016-06-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2016-1424 | 1 Cisco | 1 Ios | 2016-06-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132. | |||||
| CVE-2016-1431 | 1 Cisco | 1 Firepower Management Center | 2016-06-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516. | |||||
| CVE-2016-1432 | 1 Cisco | 1 Ios Xe | 2016-06-20 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devices allows remote authenticated users to cause a denial of service (NULL pointer dereference and card restart) via a crafted SNMP request, aka Bug ID CSCuu68862. | |||||
| CVE-2016-4821 | 1 Iodata | 2 Etx-r, Etx-r Firmware | 2016-06-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. | |||||
| CVE-2016-1195 | 1 Cybozu | 1 Garoon | 2016-06-20 | 5.8 MEDIUM | 7.4 HIGH |
| Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | |||||
| CVE-2016-4158 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2016-06-20 | 6.9 MEDIUM | 7.3 HIGH |
| Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | |||||
| CVE-2016-3642 | 1 Solarwinds | 1 Virtualization Manager | 2016-06-20 | 10.0 HIGH | 9.8 CRITICAL |
| The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2016-5433 | 1 Citrix | 1 Ios Receiver | 2016-06-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors. | |||||
| CVE-2016-3670 | 1 Liferay | 1 Liferay Portal | 2016-06-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field. | |||||
| CVE-2016-5302 | 1 Citrix | 1 Xenserver | 2016-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account. | |||||
| CVE-2016-3687 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Edge Gateway | 2016-06-20 | 4.0 MEDIUM | 5.3 MEDIUM |
| Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the SSO_ORIG_URI parameter. | |||||
| CVE-2016-4167 | 1 Adobe | 1 Dng Software Development Kit | 2016-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2016-4164 | 1 Adobe | 1 Brackets | 2016-06-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-4165 | 1 Adobe | 1 Brackets | 2016-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input. | |||||
| CVE-2016-4157 | 1 Adobe | 1 Creative Cloud | 2016-06-17 | 6.9 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory. | |||||
| CVE-2016-4511 | 1 Abb | 1 Pcm600 | 2016-06-17 | 1.9 LOW | 2.8 LOW |
| ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file. | |||||
| CVE-2014-6592 | 1 Oracle | 1 Fusion Middleware | 2016-06-16 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389. | |||||
| CVE-2014-5704 | 1 Dish | 1 Dish Anywhere | 2016-06-16 | 5.4 MEDIUM | N/A |
| The DISH Anywhere (aka com.sm.SlingGuide.Dish) application 3.5.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6525 | 1 Oracle | 1 E-business Suite | 2016-06-16 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates. | |||||