Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-11-19 | CVE-2016-6450 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. | 2.5 |
2016-11-10 | CVE-2016-7239 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 3.1 |
2016-11-10 | CVE-2016-7227 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability." | 3.1 |
2016-11-10 | CVE-2016-7220 | Information Exposure vulnerability in Microsoft Windows 10 Virtual Secure Mode in Microsoft Windows 10 allows local users to obtain sensitive information via a crafted application, aka "Virtual Secure Mode Information Disclosure Vulnerability." | 3.3 |
2016-11-10 | CVE-2016-7214 | Information Exposure vulnerability in Microsoft products The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka "Win32k Information Disclosure Vulnerability." | 3.3 |
2016-11-10 | CVE-2016-7204 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." | 3.1 |
2016-11-10 | CVE-2016-7199 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 3.1 |
2016-10-25 | CVE-2016-8288 | Improper Access Control vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. | 3.1 |
2016-10-25 | CVE-2016-8286 | Information Exposure vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. | 3.1 |
2016-10-25 | CVE-2016-8284 | Unspecified vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. | 1.8 |