|
266201
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Setting the user's name to JS code makes that code execute when selecting that user's "Templates" folder from OX Documents sett…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6842
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266202
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the conte…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6843
|
2024-11-21 11:56 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266203
|
7.3 |
HIGH
Network
|
cisco
|
ios
|
A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication…
|
CWE-287
Improper Authentication
|
CVE-2016-6474
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266204
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
ios
|
A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCu…
|
CWE-399
CWE-74
Resource Management Errors
Injection
|
CVE-2016-6473
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266205
|
6.5 |
MEDIUM
Network
|
cisco
|
firesight_system_software
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage P…
|
CWE-200
Information Exposure
|
CVE-2016-6471
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266206
|
7.8 |
HIGH
Local
|
cisco
|
hybrid_media_service
|
A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Kno…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6470
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266207
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the…
|
CWE-399
Resource Management Errors
|
CVE-2016-6469
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266208
|
8.8 |
HIGH
Network
|
cisco
|
emergency_responder
|
A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform ar…
|
CWE-352
Origin Validation Error
|
CVE-2016-6468
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266209
|
7.5 |
HIGH
Network
|
cisco
|
asr_5000_series_software
|
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected relo…
|
CWE-399
Resource Management Errors
|
CVE-2016-6467
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266210
|
4.3 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker …
|
CWE-20
Improper Input Validation
|
CVE-2016-6465
|
2024-11-21 11:56 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
