Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-23 | CVE-2017-16596 | Information Exposure vulnerability in Netgain-Systems Enterprise Manager 7.2.730 This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. | 6.5 |
| 2018-01-23 | CVE-2017-16595 | Information Exposure vulnerability in Netgain-Systems Enterprise Manager 7.2.730 This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. | 6.5 |
| 2018-01-23 | CVE-2017-16594 | Improper Input Validation vulnerability in Netgain-Systems Enterprise Manager 7.2.730 This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. | 6.5 |
| 2018-01-23 | CVE-2017-16593 | Exposure of Resource to Wrong Sphere vulnerability in Netgain-Systems Enterprise Manager 7.2.730 This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. | 6.5 |
| 2018-01-23 | CVE-2017-16592 | Information Exposure vulnerability in Netgain-Systems Enterprise Manager 7.2.730 This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. | 6.5 |
| 2018-01-23 | CVE-2017-16591 | Information Exposure vulnerability in Netgain-Systems Enterprise Manager 7.2.699 This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. | 6.5 |
| 2018-01-23 | CVE-2018-6014 | Information Exposure vulnerability in Subsonic 6.1.3 Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. | 6.5 |
| 2018-01-23 | CVE-2018-6013 | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.19 Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. | 5.4 |
| 2018-01-22 | CVE-2017-1000417 | Improper Certificate Validation vulnerability in Matrixssl 3.7.2 MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. | 5.3 |
| 2018-01-22 | CVE-2017-1000416 | Off-by-one Error vulnerability in Axtls Project Axtls 1.5.3 axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050. | 5.3 |