Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-03-06 CVE-2017-6498 Improper Input Validation vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-20
5.5
5.5
2017-03-06 CVE-2017-6497 NULL Pointer Dereference vulnerability in Imagemagick 6.9.7
An issue was discovered in ImageMagick 6.9.7.
network
low complexity
imagemagick CWE-476
7.5
7.5
2017-03-06 CVE-2017-6416 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Sysgauge 1.5.18
An issue was discovered in SysGauge 1.5.18.
network
low complexity
flexense CWE-119
critical
 9.8
9.8
2017-03-06 CVE-2017-6351 Use of Hard-coded Credentials vulnerability in Wepresent Wipg-1500 Firmware 1.0.3.7
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password.
network
high complexity
wepresent CWE-798
8.1
8.1
2017-03-06 CVE-2017-6334 OS Command Injection vulnerability in Netgear Dgn2200 Series Firmware 10.0.0.50
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
network
low complexity
netgear CWE-78
8.8
8.8
2017-03-05 CVE-2017-6446 Cross-site Scripting vulnerability in Dotclear 2.11.2
XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.
network
low complexity
dotclear CWE-79
6.1
6.1
2017-03-05 CVE-2017-6492 SQL Injection vulnerability in Admidio 3.2.5
SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5.
network
low complexity
admidio CWE-89
7.2
7.2
2017-03-05 CVE-2017-6491 Cross-site Scripting vulnerability in Epesi 1.8.1.1
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1.
network
low complexity
epesi CWE-79
6.1
6.1
2017-03-05 CVE-2017-6490 Cross-site Scripting vulnerability in Epesi 1.8.1.1
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1.
network
low complexity
epesi CWE-79
6.1
6.1
2017-03-05 CVE-2017-6489 Cross-site Scripting vulnerability in Epesi 1.8.1.1
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1.
network
low complexity
epesi CWE-79
6.1
6.1