Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-23 | CVE-2015-7936 | Cross-Site Request Forgery (CSRF) vulnerability in Motorola Moscad IP Gateway Firmware Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. | 7.5 |
| 2015-12-23 | CVE-2015-7935 | Information Exposure vulnerability in Motorola Moscad IP Gateway Firmware Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
| 2015-12-23 | CVE-2015-7917 | Unspecified vulnerability in Opcsystems OPC Systems.Net 8.00.0023 Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.2 |
| 2015-12-23 | CVE-2015-7911 | Credentials Management vulnerability in Saia Burgess Controls products Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session. | 9.1 |
| 2015-12-23 | CVE-2015-6851 | Improper Access Control vulnerability in RSA Securid web Agent EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector. | 6.7 |
| 2015-12-23 | CVE-2015-6471 | Information Exposure vulnerability in Eaton Proview Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data. | 5.3 |
| 2015-12-23 | CVE-2015-6431 | Resource Management Errors vulnerability in Cisco IOS XE 16.1.1 Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405. | 6.5 |
| 2015-12-22 | CVE-2015-8373 | Improper Input Validation vulnerability in ISC KEA 0.9.2/1.0.0 The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet. | 6.8 |
| 2015-12-21 | CVE-2015-4545 | Permissions, Privileges, and Access Controls vulnerability in EMC Isilon Onefs EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session. | 8.0 |
| 2015-12-21 | CVE-2015-7919 | Permissions, Privileges, and Access Controls vulnerability in Searchblox 8.3.0 SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors. | 10.0 |