Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-05 | CVE-2016-5983 | Improper Access Control vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object. | 7.5 |
| 2016-10-05 | CVE-2016-5085 | Use of Insufficiently Random Values vulnerability in Animas Onetouch Ping Firmware Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake. | 7.5 |
| 2016-10-05 | CVE-2016-5084 | Cryptographic Issues vulnerability in Animas Onetouch Ping Firmware Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network. | 7.5 |
| 2016-10-05 | CVE-2016-4390 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4389. | 8.1 |
| 2016-10-05 | CVE-2016-4389 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4390. | 8.1 |
| 2016-10-05 | CVE-2016-4388 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390. | 8.1 |
| 2016-10-05 | CVE-2016-4387 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390. | 8.1 |
| 2016-10-05 | CVE-2016-2308 | Unspecified vulnerability in American Auto-Matrix products American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application store passwords in cleartext, which allows remote attackers to obtain sensitive information by reading a file. | 8.6 |
| 2016-10-05 | CVE-2016-2307 | Information Exposure vulnerability in American Auto-Matrix products American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrated by the configuration file. | 7.5 |
| 2016-10-05 | CVE-2016-6645 | Improper Input Validation vulnerability in multiple products The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class. | 8.8 |