Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-5076 Information Exposure vulnerability in Cloudviewnms Cloudview NMS
CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def.
network
low complexity
cloudviewnms CWE-200
7.5
7.5
2017-04-10 CVE-2016-5072 Code Injection vulnerability in Oxidforge Oxid Eshop 4.9.8/5.2.8
OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class.
network
low complexity
oxidforge CWE-94
8.8
8.8
2017-04-10 CVE-2016-5071 Permissions, Privileges, and Access Controls vulnerability in Sierrawireless Aleos Firmware 4.3.2
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
network
low complexity
sierrawireless CWE-264
8.8
8.8
2017-04-10 CVE-2016-5067 Command Injection vulnerability in Sierrawireless Aleos Firmware 4.3.2
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
network
low complexity
sierrawireless CWE-77
8.8
8.8
2017-04-10 CVE-2016-5058 Improper Access Control vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
network
low complexity
osram CWE-284
7.5
7.5
2017-04-10 CVE-2016-5057 7PK - Security Features vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
network
low complexity
osram CWE-254
7.5
7.5
2017-04-10 CVE-2016-5056 Inadequate Encryption Strength vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
network
low complexity
osram CWE-326
7.5
7.5
2017-04-10 CVE-2016-5054 Improper Access Control vulnerability in Osram Lightify Home 1.6.1
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
network
low complexity
osram CWE-284
7.5
7.5
2017-04-10 CVE-2016-5052 7PK - Security Features vulnerability in Osram Lightify Home 1.6.1
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
network
low complexity
osram CWE-254
7.5
7.5
2017-04-10 CVE-2016-5051 Information Exposure vulnerability in Osram Lightify Home 1.6.1
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.
network
low complexity
osram CWE-200
7.5
7.5