Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9034 | Classic Buffer Overflow vulnerability in Joyent Smartos 20120614/20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9033 | Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9032 | Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.0 |
| 2016-12-14 | CVE-2016-9031 | Integer Overflow or Wraparound vulnerability in Joyent Smartos 20161110T013148Z An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 7.8 |
| 2016-12-14 | CVE-2016-8733 | Integer Overflow or Wraparound vulnerability in Joyent Smartos 20120614/20161110T013148Z An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. | 8.8 |
| 2016-12-14 | CVE-2016-6277 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear products NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/. | 8.8 |
| 2016-12-14 | CVE-2016-9215 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XR 6.1.1 A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. | 7.8 |
| 2016-12-14 | CVE-2016-9212 | Improper Input Validation vulnerability in Cisco web Security Appliance 9.0.1162/9.1.1074 A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. | 7.5 |
| 2016-12-14 | CVE-2016-9211 | Improper Input Validation vulnerability in Cisco ONS 15454 SDH Multiservice Platform Software 10.51.0 A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. | 7.5 |
| 2016-12-14 | CVE-2016-9210 | Path Traversal vulnerability in Cisco Unified Communications Manager 11.5(1.11007.2) A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. | 7.5 |