CVE-2016-6913 (open_source_security_information_and_event_management, unified_security_management)

CVE-2016-6913 (open_source_security_information_and_event_management, unified_security_management)

Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php.

Source: CVE-2016-6913 (open_source_security_information_and_event_management, unified_security_management)

CVE-2016-6901 (ar_firmware, netengine_16ex_firmware)

CVE-2016-6901 (ar_firmware, netengine_16ex_firmware)

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.

Source: CVE-2016-6901 (ar_firmware, netengine_16ex_firmware)

CVE-2016-6901

CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.

Source: CVE-2016-6901