Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-20 | CVE-2015-2826 | Information Exposure vulnerability in Simple ADS Manager Project Simple ADS Manager 2.5.94/2.5.96 WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote attackers to obtain sensitive information. | 5.3 |
| 2017-09-20 | CVE-2015-1866 | Cross-site Scripting vulnerability in Emberjs Ember.Js 1.10.0/1.11.0/1.11.1 Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x before 1.10.1 and 1.11.x before 1.11.2. | 6.1 |
| 2017-09-20 | CVE-2015-1865 | Race Condition vulnerability in GNU Coreutils 8.4 fts.c in coreutils 8.4 allows local users to delete arbitrary files. | 4.7 |
| 2017-09-20 | CVE-2014-9758 | Cross-site Scripting vulnerability in Magento 1.9.0.1 Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1. | 6.1 |
| 2017-09-20 | CVE-2016-8738 | Improper Input Validation vulnerability in Apache Struts In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. | 5.9 |
| 2017-09-20 | CVE-2017-9649 | Use of Hard-coded Credentials vulnerability in Mirion Technologies products A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). | 5.0 |
| 2017-09-20 | CVE-2017-9645 | Inadequate Encryption Strength vulnerability in Mirion products An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). | 6.5 |
| 2017-09-20 | CVE-2015-5248 | Improper Input Validation vulnerability in Redhat Feedhenry Enterprise Mobile Application Platform Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform. | 6.5 |
| 2017-09-20 | CVE-2015-4072 | Cross-site Scripting vulnerability in Helpdesk PRO Project Helpdesk PRO Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message. | 5.4 |
| 2017-09-20 | CVE-2017-14604 | Improper Input Validation vulnerability in multiple products GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. | 6.5 |