Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-27 | CVE-2016-10072 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. | 7.5 |
| 2016-12-27 | CVE-2016-10031 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. | 7.5 |
| 2016-12-26 | CVE-2016-9224 | Improper Input Validation vulnerability in Cisco Jabber Guest A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. | 6.5 |
| 2016-12-26 | CVE-2016-9223 | Permissions, Privileges, and Access Controls vulnerability in Cisco Cloudcenter Orchestrator A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. | 9.8 |
| 2016-12-26 | CVE-2016-9217 | Improper Authorization vulnerability in Cisco Intercloud Fabric 2.2.1Base/2.3.1Base/3.1.1Base A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. | 8.8 |
| 2016-12-25 | CVE-2016-9681 | Cross-site Scripting vulnerability in S9Y Serendipity Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a category or directory name. | 5.4 |
| 2016-12-25 | CVE-2016-10041 | Permissions, Privileges, and Access Controls vulnerability in Sprecher-Automation Sprecon-E Service Program 3.42 An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. | 7.5 |
| 2016-12-24 | CVE-2016-10006 | Cross-site Scripting vulnerability in Antisamy Project Antisamy In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. | 6.1 |
| 2016-12-24 | CVE-2016-10039 | Path Traversal vulnerability in Modx Revolution Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles. | 7.3 |
| 2016-12-24 | CVE-2016-10038 | Path Traversal vulnerability in Modx Revolution Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove. | 7.3 |