Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-28 | CVE-2016-1480 | 7PK - Errors vulnerability in Cisco Email Security Appliance A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. | 7.5 |
| 2016-10-27 | CVE-2016-6446 | Information Exposure vulnerability in Cisco Meeting Server A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. | 7.5 |
| 2016-10-27 | CVE-2016-6444 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. | 8.8 |
| 2016-10-27 | CVE-2016-6443 | SQL Injection vulnerability in Cisco products A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. | 8.8 |
| 2016-10-27 | CVE-2016-6442 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Finesse 11.0(1)Base A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. | 8.8 |
| 2016-10-27 | CVE-2016-6439 | Resource Management Errors vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 7.5 |
| 2016-10-27 | CVE-2016-6432 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 8.1 |
| 2016-10-27 | CVE-2016-6431 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. | 7.5 |
| 2016-10-27 | CVE-2016-1000122 | SQL Injection vulnerability in Huge-It Slider 1.0.9 XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension | 7.2 |
| 2016-10-27 | CVE-2016-1000120 | SQL Injection vulnerability in Huge-It Catalog 1.0.4 SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla | 7.2 |