Show filters
461 Total Results
Displaying 251-260 of 461
Sort by:
Attacker Value
Unknown
CVE-2016-8341
Disclosure Date: February 13, 2017 (last updated November 26, 2024)
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands.
0
Attacker Value
Unknown
CVE-2017-5146
Disclosure Date: February 13, 2017 (last updated November 26, 2024)
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text.
0
Attacker Value
Unknown
CVE-2016-2783
Disclosure Date: January 23, 2017 (last updated November 25, 2024)
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames.
0
Attacker Value
Unknown
CVE-2016-9177
Disclosure Date: November 04, 2016 (last updated November 25, 2024)
Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
0
Attacker Value
Unknown
CVE-2016-4025
Disclosure Date: November 03, 2016 (last updated November 25, 2024)
Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.
0
Attacker Value
Unknown
CVE-2016-2300
Disclosure Date: April 22, 2016 (last updated November 25, 2024)
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.
0
Attacker Value
Unknown
CVE-2016-2306
Disclosure Date: April 22, 2016 (last updated November 25, 2024)
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
0
Attacker Value
Unknown
CVE-2016-2305
Disclosure Date: April 22, 2016 (last updated November 25, 2024)
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
0
Attacker Value
Unknown
CVE-2016-2302
Disclosure Date: April 22, 2016 (last updated November 25, 2024)
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
0
Attacker Value
Unknown
CVE-2016-2304
Disclosure Date: April 22, 2016 (last updated November 25, 2024)
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
0
