Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-8495 Information Exposure vulnerability in Fortinet Fortimanager Firmware
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing feature.
network
high complexity
fortinet CWE-200
7.4
2017-02-12 CVE-2017-5964 Cross-site Scripting vulnerability in Openenergymonitor Emoncms
An issue was discovered in Emoncms through 9.8.0.
network
low complexity
openenergymonitor CWE-79
6.1
2017-02-12 CVE-2017-5963 Cross-site Scripting vulnerability in Caddy Project Caddy
An issue was discovered in caddy (for TYPO3) before 7.2.10.
network
low complexity
caddy-project CWE-79
6.1
2017-02-12 CVE-2017-5962 Cross-site Scripting vulnerability in Netresearch Contexts Wurfl
An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2.
network
low complexity
netresearch CWE-79
6.1
2017-02-12 CVE-2017-5961 Cross-site Scripting vulnerability in Ionizecms Ionize
An issue was discovered in ionize through 1.0.8.
network
low complexity
ionizecms CWE-79
6.1
2017-02-12 CVE-2017-5960 Cross-site Scripting vulnerability in Phalconeye Project Phalconeye 0.4.0/0.4.1
An issue was discovered in Phalcon Eye through 0.4.1.
network
low complexity
phalconeye-project CWE-79
6.1
2017-02-12 CVE-2017-3302 Use After Free vulnerability in multiple products
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
network
low complexity
oracle mariadb debian redhat CWE-416
7.5
2017-02-10 CVE-2016-8713 Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9.
local
low complexity
gonitro CWE-787
7.8
2017-02-10 CVE-2016-8711 Unspecified vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9
A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10.
local
low complexity
gonitro
7.8
2017-02-10 CVE-2016-8709 Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.
local
low complexity
gonitro CWE-787
7.8