|
264761
|
9.8 |
CRITICAL
Network
|
dexis
|
imaging_suite
|
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXIS_DATA SQL Server session.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-6532
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264762
|
9.8 |
CRITICAL
Network
|
opendental
|
opendental
|
Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. NOTE: the vendor dispu…
|
CWE-255
Credentials Management
|
CVE-2016-6531
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264763
|
7.8 |
HIGH
Local
|
cisco
|
application_policy_infrastructure_controller
|
The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6413
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264764
|
6.5 |
MEDIUM
Network
|
cisco
|
ios
|
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via c…
|
CWE-20
Improper Input Validation
|
CVE-2016-6412
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264765
|
7.5 |
HIGH
Network
|
cisco
|
firesight_system_software
|
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settin…
|
CWE-20
Improper Input Validation
|
CVE-2016-6411
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264766
|
6.5 |
MEDIUM
Network
|
cisco
|
ios
|
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecifi…
|
CWE-20
Improper Input Validation
|
CVE-2016-6410
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264767
|
7.5 |
HIGH
Network
|
cisco
|
ios
|
The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service (out-of-bounds access) via crafted traff…
|
CWE-399
Resource Management Errors
|
CVE-2016-6409
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264768
|
7.5 |
HIGH
Network
|
cisco
|
prime_home
|
Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML Externa…
|
CWE-611
XXE
|
CVE-2016-6408
|
2024-11-21 11:56 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264769
|
7.8 |
HIGH
Local
|
cisco
|
ios
|
iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, ak…
|
CWE-78
OS Command
|
CVE-2016-6414
|
2024-11-21 11:56 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264770
|
9.8 |
CRITICAL
Network
|
cisco
|
email_security_appliance_firmware
|
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6406
|
2024-11-21 11:56 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
