Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-06-19 CVE-2016-1226 Cross-site Scripting vulnerability in Trendmicro Internet Security 10.0/8.0
Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
trendmicro CWE-79
6.1
6.1
2016-06-19 CVE-2016-1225 Information Exposure vulnerability in Trendmicro Internet Security 10.0/8.0
Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
trendmicro CWE-200
6.5
6.5
2016-06-19 CVE-2016-1197 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.
network
low complexity
cybozu CWE-79
6.1
6.1
2016-06-19 CVE-2015-7775 Cross-site Scripting vulnerability in Cybozu Garoon 4.0.3
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197.
network
low complexity
cybozu CWE-79
5.4
5.4
2016-06-19 CVE-2016-4821 Unspecified vulnerability in Iodata Etx-R Firmware
I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.
network
low complexity
iodata
5.3
5.3
2016-06-19 CVE-2016-4816 Information Exposure vulnerability in Buffalo products
BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.
network
low complexity
buffalo CWE-200
6.5
6.5
2016-06-19 CVE-2016-1424 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS 15.2(1)T1.11/15.2(2)Tst
Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132.
low complexity
cisco CWE-119
6.5
6.5
2016-06-19 CVE-2016-1397 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.
network
low complexity
cisco CWE-119
6.5
6.5
2016-06-19 CVE-2016-1396 Cross-site Scripting vulnerability in Cisco products
Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.
network
low complexity
cisco CWE-79
6.1
6.1
2016-06-19 CVE-2016-1224 Cross-site Scripting vulnerability in Trendmicro products
CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.
network
low complexity
trendmicro CWE-79
6.1
6.1