Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-27	CVE-2020-10510	Incorrect Authorization vulnerability in SUN Ehrd 8/9 Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. network low complexity sun CWE-863	6.5
2020-03-27	CVE-2020-10509	Cross-site Scripting vulnerability in SUN Ehrd 8.0/9.0 Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack. network low complexity sun CWE-79	6.1
2016-03-28	CVE-2016-1314	Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760. network low complexity sun CWE-79	6.1
2016-03-26	CVE-2016-1344	Resource Management Errors vulnerability in multiple products The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. network high complexity cisco samsung sun zyxel lenovo netgear zzinc CWE-399	5.9
2016-02-15	CVE-2016-1331	Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766. network low complexity sun CWE-79	6.1
2016-02-09	CVE-2016-1319	Information Exposure vulnerability in multiple products Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. network low complexity sun samsung zyxel zzinc CWE-200	5.3
2016-02-06	CVE-2016-1310	Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033. network low complexity sun CWE-79	6.1
2016-02-06	CVE-2016-1306	Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466. network low complexity sun CWE-79	6.1
2009-08-11	CVE-2009-2416	Use After Free vulnerability in multiple products Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. network low complexity xmlsoft fedoraproject debian redhat canonical google apple suse opensuse vmware sun CWE-416	6.5
2005-03-05	CVE-2005-0109	Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. local high complexity freebsd sco redhat ubuntu sun	5.6