Max CVSS 9.3 Min CVSS 1.9 Total Count9
IDCVSSSummaryLast (major) updatePublished
CVE-2016-8527 4.3
Aruba Airwave all versions up to, but not including, is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a log
07-08-2018 - 21:29 06-08-2018 - 16:29
CVE-2016-8526 4.0
Aruba Airwave all versions up to, but not including, is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the c
07-08-2018 - 21:29 06-08-2018 - 16:29
CVE-2017-2626 2.1
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2017-2625 2.1
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing
27-07-2018 - 14:29 27-07-2018 - 14:29
CVE-2017-2624 1.9
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations ret
27-07-2018 - 14:29 27-07-2018 - 14:29
CVE-2017-3813 7.2
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability
15-03-2017 - 21:59 09-02-2017 - 12:59
CVE-2017-6351 9.3
The WePresent WiPG-1500 device with firmware has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device wi
13-03-2017 - 11:00 05-03-2017 - 21:59
CVE-2017-6411 6.8
Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password.
07-03-2017 - 21:59 06-03-2017 - 01:59
CVE-2017-6104 5.0
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
07-03-2017 - 09:17 02-03-2017 - 17:59
Back to Top Mark selected
Back to Top