Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
All posts by 007admin
CVE-2016-5077
Netikus EventSentry before 3.2.1.44 has XSS via SNMP.
CVE-2016-5682
Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.
CVE-2016-6534
Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations.
CVE-2016-5642
Opmantek NMIS before 8.5.12G has XSS via SNMP.
Moxa MXview 2.8 Private Key Disclosure
Moxa MXview version 2.8 suffers from a remote private key disclosure vulnerability.