Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-13 | CVE-2017-13724 | Cross-site Scripting vulnerability in Axesstel Mu553S Firmware Mu553Sv1.14 On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page. | 5.4 |
| 2017-09-13 | CVE-2017-14410 | Out-of-bounds Read vulnerability in Mp3Gain 1.5.2 A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. | 5.5 |
| 2017-09-13 | CVE-2017-14408 | Out-of-bounds Read vulnerability in Mp3Gain 1.5.2 A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. | 5.5 |
| 2017-09-13 | CVE-2017-14407 | Out-of-bounds Read vulnerability in Mp3Gain 1.5.2 A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2. | 5.5 |
| 2017-09-13 | CVE-2017-14406 | NULL Pointer Dereference vulnerability in Mp3Gain 1.5.2 A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. | 5.5 |
| 2017-09-13 | CVE-2017-8758 | Cross-site Scripting vulnerability in Microsoft Exchange Server 2016 Microsoft Exchange Server 2016 allows an elevation of privilege vulnerability when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Cross-Site Scripting Vulnerability." | 6.1 |
| 2017-09-13 | CVE-2017-8754 | Improper Input Validation vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 4.2 |
| 2017-09-13 | CVE-2017-8746 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka "Device Guard Security Feature Bypass Vulnerability". | 5.3 |
| 2017-09-13 | CVE-2017-8745 | Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation 2013 An elevation of privilege vulnerability exists in Microsoft SharePoint Foundation 2013 Service Pack 1 when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Cross Site Scripting Vulnerability". | 5.4 |
| 2017-09-13 | CVE-2017-8739 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | 4.3 |