Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-09-19 | CVE-2016-4860 | Improper Authentication vulnerability in Yokogawa Stardom Fcn/Fcj: Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a (1) stop application program, (2) change value, or (3) modify application command. | 7.3 |
2016-09-19 | CVE-2016-4526 | Uncontrolled Search Path Element vulnerability in Trane Tracer SC 3.8/4.2.1134: ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. | 7.5 |
2016-09-19 | CVE-2016-1483 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0: Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. | 7.5 |
2016-09-18 | CVE-2016-6402 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Computing System: UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | 7.8 |
2016-09-18 | CVE-2016-4705 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode: otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. | 7.8 |
2016-09-18 | CVE-2016-4704 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode: otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705. | 7.8 |
2016-09-18 | CVE-2016-6641 | Cross-site Scripting vulnerability in EMC Vipr SRM 3.6.0/3.6.4/3.7.1: Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 7.6 |
2016-09-18 | CVE-2016-6639 | 7PK - Security Features vulnerability in multiple products: Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file. | 7.5 |
2016-09-18 | CVE-2016-0929 | Information Exposure vulnerability in Pivotal Software Rabbitmq: The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry (PCF) 1.6.x before 1.6.4 logs command lines of failed commands, which might allow context-dependent attackers to obtain sensitive information by reading the log data, as demonstrated by a syslog message that contains credentials from a command line. | 7.5 |
2016-09-18 | CVE-2016-0928 | Open Redirect vulnerability in Pivotal Cloud Foundry Elastic Runtime: Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 7.4 |