Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-08 | CVE-2017-16665 | Cross-site Scripting vulnerability in Remobjects Remoting SDK 9 1.0.0.0. RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL. | 6.1 |
| 2017-11-08 | CVE-2017-16663 | Integer Overflow or Wraparound vulnerability in Sam2P Project Sam2P 0.49.4 In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely. | 5.5 |
| 2017-11-08 | CVE-2017-16661 | Information Exposure vulnerability in Cacti 1.1.27 Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd. | 4.9 |
| 2017-11-07 | CVE-2017-16650 | Divide By Zero vulnerability in Linux Kernel The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16649 | Divide By Zero vulnerability in Linux Kernel The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16648 | Use After Free vulnerability in Linux Kernel The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16647 | NULL Pointer Dereference vulnerability in Linux Kernel drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16646 | NULL Pointer Dereference vulnerability in Linux Kernel drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16645 | Out-of-bounds Read vulnerability in Linux Kernel The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-11-07 | CVE-2017-16644 | 7PK - Errors vulnerability in Linux Kernel The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device. | 6.6 |