Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-24 | CVE-2015-8661 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. | 8.3 |
| 2015-12-24 | CVE-2015-7934 | Information Exposure vulnerability in Adcon A840 Telemetry Gateway Base Station Firmware The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. | 8.6 |
| 2015-12-24 | CVE-2015-7932 | Information Exposure vulnerability in Adcon A840 Telemetry Gateway Base Station Firmware Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to obtain sensitive information by sniffing the network. | 8.6 |
| 2015-12-24 | CVE-2015-7931 | Improper Input Validation vulnerability in Adcon A840 Telemetry Gateway Base Station Firmware The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station does not authenticate the station device, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information by reading cleartext packet data, related to the lack of SSL support. | 8.7 |
| 2015-12-23 | CVE-2015-7928 | Information Exposure vulnerability in Ewon Firmware 10.0S0 eWON devices with firmware before 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 8.5 |
| 2015-12-23 | CVE-2015-7925 | Cross-Site Request Forgery (CSRF) vulnerability in Ewon Firmware 10.0S0 Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot. | 8.0 |
| 2015-12-23 | CVE-2015-7924 | Unspecified vulnerability in Ewon Firmware 10.0S0 eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 8.8 |
| 2015-12-23 | CVE-2015-7936 | Cross-Site Request Forgery (CSRF) vulnerability in Motorola Moscad IP Gateway Firmware Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. | 7.5 |
| 2015-12-23 | CVE-2015-7935 | Information Exposure vulnerability in Motorola Moscad IP Gateway Firmware Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
| 2015-12-23 | CVE-2015-7917 | Unspecified vulnerability in Opcsystems OPC Systems.Net 8.00.0023 Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.2 |