Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-31 | CVE-2016-4502 | Improper Access Control vulnerability in Envirosys ESC 8832 Data Controller 3.02 Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter. | 7.5 |
| 2016-05-31 | CVE-2016-2295 | Information Exposure vulnerability in Moxa products Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file. | 7.5 |
| 2016-05-31 | CVE-2016-2286 | Improper Authentication vulnerability in Moxa products Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors. | 7.5 |
| 2016-05-31 | CVE-2016-2285 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2016-05-31 | CVE-2016-0879 | Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL. | 7.5 |
| 2016-05-31 | CVE-2016-0878 | Unspecified vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests. | 7.5 |
| 2016-05-31 | CVE-2016-0877 | Missing Release of Resource after Effective Lifetime vulnerability in Moxa Edr-G903 Firmware Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function. | 7.5 |
| 2016-05-31 | CVE-2016-0876 | Cleartext Storage of Sensitive Information vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. | 7.5 |
| 2016-05-31 | CVE-2016-0875 | Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. | 7.5 |
| 2016-05-30 | CVE-2016-4118 | Permissions, Privileges, and Access Controls vulnerability in Adobe Connect Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. | 7.8 |