Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2015-6021 | Cross-site Scripting vulnerability in Spiceworks Desktop Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. | 6.1 |
| 2017-04-10 | CVE-2015-2883 | Cross-site Scripting vulnerability in Philips In.Sight B12037 Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. | 5.4 |
| 2017-04-09 | CVE-2017-7613 | Improper Input Validation vulnerability in multiple products elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7612 | Out-of-bounds Read vulnerability in multiple products The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7611 | Out-of-bounds Read vulnerability in multiple products The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7610 | Out-of-bounds Read vulnerability in multiple products The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7609 | Improper Input Validation vulnerability in Elfutils Project Elfutils 0.168 elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7608 | Out-of-bounds Read vulnerability in multiple products The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7607 | Out-of-bounds Read vulnerability in Elfutils Project Elfutils 0.168 The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-04-09 | CVE-2017-7606 | Improper Input Validation vulnerability in Imagemagick 7.0.54 coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | 6.5 |