Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-19 | CVE-2016-6462 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.0082/10.0.0125/9.7.106 A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. | 5.3 |
| 2016-11-19 | CVE-2016-6461 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. | 5.9 |
| 2016-11-19 | CVE-2016-6460 | 7PK - Security Features vulnerability in Cisco Firesight System Software A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. | 7.5 |
| 2016-11-19 | CVE-2016-6459 | OS Command Injection vulnerability in Cisco Telepresence TC Software Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. | 5.5 |
| 2016-11-19 | CVE-2016-6458 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. | 7.5 |
| 2016-11-19 | CVE-2016-6457 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. | 6.5 |
| 2016-11-19 | CVE-2016-6450 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. | 2.5 |
| 2016-11-18 | CVE-2016-8562 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). | 7.5 |
| 2016-11-18 | CVE-2016-8561 | Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic CP 1543-1 Firmware A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). | 6.6 |
| 2016-11-18 | CVE-2016-4333 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hdfgroup Hdf5 1.8.16 The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. | 8.6 |