Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-10 | CVE-2016-9250 | Permissions, Privileges, and Access Controls vulnerability in F5 products In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism. | 7.5 |
| 2017-05-10 | CVE-2016-6037 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Team Concert (RTC) is vulnerable to HTML injection. | 4.8 |
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-5889 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-05-10 | CVE-2016-5888 | Cross-site Scripting vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-3032 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2017-8878 | Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml. | 6.5 |
| 2017-05-10 | CVE-2017-8877 | Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID. | 6.5 |
| 2017-05-10 | CVE-2017-8876 | Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.11 Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php. | 6.1 |
| 2017-05-10 | CVE-2017-8875 | Cross-Site Request Forgery (CSRF) vulnerability in Codection Clean Login 1.7.12 CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL. | 6.5 |