Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR / CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2016-11-19 | CVE-2016-6462 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.0082/10.0.0125/9.7.106 | A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. | network | low complexity | cisco CWE-20 | 5.3 |
| 2016-11-19 | CVE-2016-6461 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software | A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. | network | high complexity | cisco CWE-20 | 5.9 |
| 2016-11-19 | CVE-2016-6459 | OS Command Injection vulnerability in Cisco Telepresence TC Software | Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. | local | low complexity | cisco CWE-78 | 5.5 |
| 2016-11-19 | CVE-2016-6457 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products | A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. | | low complexity | cisco CWE-119 | 6.5 |
| 2016-11-18 | CVE-2016-8561 | Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic CP 1543-1 Firmware | A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). | network | high complexity | siemens CWE-264 | 6.6 |
| 2016-11-17 | CVE-2016-9376 | Resource Management Errors vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. | network | high complexity | wireshark debian CWE-399 | 5.9 |
| 2016-11-17 | CVE-2016-9375 | Resource Management Errors vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. | network | high complexity | wireshark debian CWE-399 | 5.9 |
| 2016-11-17 | CVE-2016-9374 | Resource Management Errors vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. | network | high complexity | wireshark debian CWE-399 | 5.9 |
| 2016-11-17 | CVE-2016-9373 | Use After Free vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. | network | high complexity | wireshark debian CWE-416 | 5.9 |
| 2016-11-17 | CVE-2016-9372 | Resource Management Errors vulnerability in Wireshark 2.2.0/2.2.1 | In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. | network | high complexity | wireshark CWE-399 | 5.9 |