Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-8367 Resource Exhaustion vulnerability in Schneider-Electric products
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe).
Risk: 5.3 (network, low complexity); schneider-electric; CWE-400

2017-02-13 CVE-2016-8362 Improper Authentication vulnerability in Moxa products
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series.
Risk: 6.5 (network, low complexity); moxa; CWE-287

2017-02-13 CVE-2016-8359 Cross-site Scripting vulnerability in Moxa products
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12.
Risk: 6.1 (network, low complexity); moxa; CWE-79

2017-02-13 CVE-2016-8353 Permissions, Privileges, and Access Controls vulnerability in OSIsoft PI Web API 2015 R2 1.5.1
An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1).
Risk: 6.4 (network, low complexity); osisoft; CWE-264

2017-02-13 CVE-2016-8350 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12.
Risk: 6.3 (network, low complexity); moxa; CWE-352

2017-02-13 CVE-2016-5813 Information Exposure vulnerability in Visonic Powerlink2 Firmware
An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release.
Risk: 5.3 (network, low complexity); visonic; CWE-200

2017-02-13 CVE-2016-5811 Cross-site Scripting vulnerability in Visonic Powerlink2 Firmware
An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release.
Risk: 6.1 (network, low complexity); visonic; CWE-79

2017-02-13 CVE-2016-2274 Cross-site Scripting vulnerability in Adcon Telemetry A850 Telemetry Gateway Base Station Firmware
An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station.
Risk: 6.1 (network, low complexity); adcon-telemetry; CWE-79

2017-02-13 CVE-2016-4546 Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1
Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.
Risk: 5.5 (local, low complexity); samsung; CWE-20

2017-02-13 CVE-2016-2787 Improper Access Control vulnerability in multiple products
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors.
Risk: 5.3 (network, low complexity); puppetlabs, puppet; CWE-284