Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-8360 Double Free vulnerability in Moxa Softcms
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6.
network
high complexity
moxa CWE-415
8.1
8.1
2017-02-13 CVE-2016-8359 Cross-site Scripting vulnerability in Moxa products
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12.
network
low complexity
moxa CWE-79
6.1
6.1
2017-02-13 CVE-2016-8357 Permissions, Privileges, and Access Controls vulnerability in Lynxspring Jenesys BAS Bridge 1.1.8
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older.
network
low complexity
lynxspring CWE-264
7.1
7.1
2017-02-13 CVE-2016-8356 Cross-site Scripting vulnerability in Kabona AB Webdatorcentral
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0.
network
low complexity
kabona-ab CWE-79
8.2
8.2
2017-02-13 CVE-2016-8354 Code Injection vulnerability in Schneider-Electric Unity PRO 11.0/6.0/7.0
An issue was discovered in Schneider Electric Unity PRO prior to V11.1.
local
high complexity
schneider-electric CWE-94
7.0
7.0
2017-02-13 CVE-2016-8353 Permissions, Privileges, and Access Controls vulnerability in Osisoft PI web API 2015 R2 1.5.1
An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1).
network
low complexity
osisoft CWE-264
6.4
6.4
2017-02-13 CVE-2016-8352 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Connexium Firmware
An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions.
network
low complexity
schneider-electric CWE-119
critical
 10.0
10
2017-02-13 CVE-2016-8350 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12.
network
low complexity
moxa CWE-352
6.3
6.3
2017-02-13 CVE-2016-8348 XXE vulnerability in Emerson Liebert Sitescan web 6.5
An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior.
network
low complexity
emerson CWE-611
critical
 9.8
9.8
2017-02-13 CVE-2016-8347 Improper Authentication vulnerability in Kabona AB Webdatorcentral
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0.
network
low complexity
kabona-ab CWE-287
critical
 9.8
9.8