Total
365 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2346 | 1 Allroundautomations | 1 Pl\/sql Developer | 2016-05-04 | 6.8 MEDIUM | 8.1 HIGH |
| Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream. | |||||
| CVE-2016-3983 | 1 Mcafee | 1 Advanced Threat Defense | 2016-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process. | |||||
| CVE-2015-8254 | 1 Rsi Video Technologies | 1 Frontel Protocol | 2015-12-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream. | |||||
| CVE-2014-5406 | 1 Hospira | 3 Lifecare Pca3, Lifecare Pca5, Lifecare Pcainfusion Firmware | 2015-07-08 | 9.3 HIGH | N/A |
| The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote attackers to modify settings or medication data via packets on the (a) TELNET, (b) HTTP, (c) HTTPS, or (d) UPNP port. NOTE: this issue might overlap CVE-2015-3459. | |||||
| CVE-2014-4883 | 1 Lwip Project | 1 Lwip | 2015-01-08 | 4.3 MEDIUM | N/A |
| resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets. | |||||