Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-07 | CVE-2017-12096 | Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi management of Circle with Disney. | 6.5 |
| 2017-11-07 | CVE-2017-12094 | Command Injection vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. | 6.5 |
| 2017-11-07 | CVE-2017-12084 | Missing Authorization vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. | 6.6 |
| 2017-11-07 | CVE-2017-12083 | Information Exposure vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. | 5.3 |
| 2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 5.5 |
| 2017-11-06 | CVE-2017-16637 | Improper Input Validation vulnerability in Perfect-Privacy VPN Manager 1.10.10/1.10.11 In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. | 4.4 |
| 2017-11-06 | CVE-2017-16636 | Cross-site Scripting vulnerability in Bludit 1.5.2/2.0.1 In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. | 5.4 |
| 2017-11-06 | CVE-2017-16635 | Cross-site Scripting vulnerability in Tinywebgallery 2.4 In TinyWebGallery v2.4, an XSS vulnerability is located in the `mkname`, `mkitem`, and `item` parameters of the `Add/Create` module. | 5.4 |
| 2017-11-06 | CVE-2017-14025 | Improper Input Validation vulnerability in Hitachienergy Fox515T Firmware 1.0 An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. | 5.5 |
| 2017-11-06 | CVE-2017-14023 | Improper Input Validation vulnerability in Siemens Simatic Pcs7 and Simatic Wincc An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. | 4.9 |