Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2016
CVE-2016-0955
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog.
CVSS Score
6.1
EPSS Score
0.003
Published
2016-02-10
CVE-2016-0953
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952.
CVSS Score
9.8
EPSS Score
0.175
Published
2016-02-10
CVE-2016-0952
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0953.
CVSS Score
9.8
EPSS Score
0.175
Published
2016-02-10
CVE-2016-0951
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0952 and CVE-2016-0953.
CVSS Score
9.8
EPSS Score
0.175
Published
2016-02-10
CVE-2016-0950
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.007
Published
2016-02-10
CVE-2016-0949
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
CVSS Score
9.8
EPSS Score
0.024
Published
2016-02-10
CVE-2016-0948
Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
8.8
EPSS Score
0.003
Published
2016-02-10
CVE-2015-7680
Ipswitch MOVEit DMZ before 8.2 provides different error messages for authentication attempts depending on whether the user account exists, which allows remote attackers to enumerate usernames via a series of SOAP requests to machine.aspx.
CVSS Score
5.3
EPSS Score
0.0
Published
2016-02-10
CVE-2015-7679
Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/.
CVSS Score
6.1
EPSS Score
0.0
Published
2016-02-10
CVE-2015-7678
Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
8.8
EPSS Score
0.0
Published
2016-02-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved