Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-26 | CVE-2017-3795 | Improper Authentication vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. | 5.4 |
| 2017-01-26 | CVE-2016-9222 | Cross-site Scripting vulnerability in Cisco Netflow Generation Appliance 1.0(2) A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-01-26 | CVE-2016-9221 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(121.12)/8.4(1.82) A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. | 4.3 |
| 2017-01-26 | CVE-2016-9220 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(130.0) A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. | 4.3 |
| 2017-01-26 | CVE-2016-9216 | Resource Management Errors vulnerability in Cisco ASR 5000 Series Software An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. | 5.3 |
| 2017-01-25 | CVE-2016-8215 | Cross-site Scripting vulnerability in EMC RSA Security Analytics EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-01-25 | CVE-2016-8214 | Permission Issues vulnerability in EMC Avamar Data Store and Avamar Virtual Edition EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers. | 6.7 |
| 2017-01-24 | CVE-2017-2929 | Cross-site Scripting vulnerability in Adobe Acrobat 15.1.0.3 Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. | 6.1 |
| 2017-01-23 | CVE-2016-9401 | Use After Free vulnerability in multiple products popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | 5.5 |
| 2017-01-23 | CVE-2016-9385 | Improper Input Validation vulnerability in multiple products The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. | 6.0 |