Max CVSS | 9.3 | Min CVSS | 3.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-9496 | 6.1 |
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboo
|
09-10-2019 - 23:20 | 13-07-2018 - 20:29 | |
CVE-2016-9495 | 5.8 |
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices
|
09-10-2019 - 23:20 | 13-07-2018 - 20:29 | |
CVE-2016-9497 | 8.3 |
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An
|
09-10-2019 - 23:20 | 13-07-2018 - 20:29 | |
CVE-2016-9494 | 3.3 |
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to p
|
09-10-2019 - 23:20 | 13-07-2018 - 20:29 | |
CVE-2003-0825 | 9.3 |
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute
|
30-04-2019 - 14:27 | 03-03-2004 - 05:00 | |
CVE-2006-4293 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter in (a) editit.html or (b) showfile.html.
|
17-10-2018 - 21:34 | 22-08-2006 - 17:04 | |
CVE-2008-2674 | 6.4 |
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary f
|
08-08-2017 - 01:31 | 12-06-2008 - 12:21 | |
CVE-2016-6018 | 4.0 |
IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738.
|
25-07-2017 - 15:44 | 19-07-2017 - 20:29 | |
CVE-2017-3844 | 4.0 |
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assura
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3837 | 5.5 |
An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure o
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3828 | 4.3 |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3843 | 4.0 |
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Information: CSCvc99446. Known Affected Releases: 11.5(0).
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3845 | 4.3 |
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an aff
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3821 | 4.3 |
A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Information: CSCvc49348. Known Affected Releases: 10.5(2.
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3835 | 6.5 |
A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Information: CSCvb15627. Known Affected Releases: 1.4(0
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3830 | 5.0 |
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Information: CSCvc89678. Known Affected Releases: 2.1. K
|
25-07-2017 - 01:29 | 22-02-2017 - 02:59 | |
CVE-2017-3833 | 4.3 |
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. More Information
|
01-03-2017 - 02:59 | 22-02-2017 - 02:59 | |
CVE-2015-7935 | 5.0 |
Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors.
|
28-11-2016 - 19:45 | 23-12-2015 - 03:59 | |
CVE-2015-7936 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password.
|
28-11-2016 - 19:45 | 23-12-2015 - 03:59 |