Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2017-02-13 CVE-2016-5796 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fatek Automation FV Designer and Automation PM Designer
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.
network | low complexity | fatek | CWE-119 | 8.8

2017-02-13 CVE-2016-5786 Information Exposure vulnerability in Omnimetrix Omniview 1.2
An issue was discovered in OmniMetrix OmniView, Version 1.2.
network | low complexity | omnimetrix | CWE-200 | 7.5

2017-02-13 CVE-2016-5782 Improper Input Validation vulnerability in Locusenergy Lgate Firmware
An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320.
network | low complexity | locusenergy | CWE-20 | 8.6

2017-02-13 CVE-2016-2274 Cross-site Scripting vulnerability in Adcon Telemetry A850 Telemetry Gateway Base Station Firmware
An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station.
network | low complexity | adcon-telemetry | CWE-79 | 6.1

2017-02-13 CVE-2016-10224 7PK - Security Features vulnerability in Sauter-Controls Novaweb web HMI
An issue was discovered in Sauter NovaWeb web HMI.
network | low complexity | sauter-controls | CWE-254 | 7.2

2017-02-13 CVE-2016-8859 Integer Overflow or Wraparound vulnerability in Etalabs Musl 1.1.15
Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.
network | low complexity | etalabs | CWE-190 | critical | 9.8

2017-02-13 CVE-2016-8659 Permissions, Privileges, and Access Controls vulnerability in Bubblewrap Project Bubblewrap
Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.
local | high complexity | bubblewrap-project | CWE-264 | 7.0

2017-02-13 CVE-2016-7565 Improper Access Control vulnerability in Exponentcms Exponent CMS 2.3.9
install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter.
network | low complexity | exponentcms | CWE-284 | critical | 9.8

2017-02-13 CVE-2016-6129 Improper Input Validation vulnerability in multiple products
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.
network | low complexity | op-tee libtom | CWE-20 | 7.5

2017-02-13 CVE-2016-5100 Use of Insufficiently Random Values vulnerability in Froxlor
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
network | low complexity | froxlor | CWE-330 | critical | 9.8