|
266941
|
7.8 |
HIGH
Local
|
google
|
android
|
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6672
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266942
|
7.5 |
HIGH
Network
|
pivotal_software
|
cloud_foundry_cf_mysql
|
The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cle…
|
CWE-200
Information Exposure
|
CVE-2016-6653
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266943
|
6.1 |
MEDIUM
Network
|
cisco
|
hostscan_engine
|
Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2016-6436
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266944
|
6.5 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
|
CWE-200
Information Exposure
|
CVE-2016-6435
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266945
|
7.8 |
HIGH
Local
|
cisco
|
firepower_management_center
|
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
|
CWE-287
Improper Authentication
|
CVE-2016-6434
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266946
|
8.8 |
HIGH
Network
|
cisco
|
firepower_management_center
|
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug …
|
CWE-20
Improper Input Validation
|
CVE-2016-6433
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266947
|
7.8 |
HIGH
Local
|
cisco
|
ios_xr
|
Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6428
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266948
|
8.8 |
HIGH
Network
|
cisco
|
unified_contact_center_express
unified_intelligence_center
|
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote atta…
|
CWE-352
Origin Validation Error
|
CVE-2016-6427
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266949
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_contact_center_express
unified_intelligence_center
|
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6425
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266950
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
adaptive_security_appliance_software
|
The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHC…
|
CWE-399
Resource Management Errors
|
CVE-2016-6424
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
