Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-10841 | Path Traversal vulnerability in Webcalendar Project Webcalendar 1.2.7 Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | 4.9 |
| 2017-08-29 | CVE-2017-10840 | Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.2.7 Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-08-29 | CVE-2017-10838 | Cross-site Scripting vulnerability in Seopanel SEO Panel Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-08-29 | CVE-2017-10837 | Cross-site Scripting vulnerability in Backup-Guard Backup Guard Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-08-29 | CVE-2017-10834 | Path Traversal vulnerability in Nippon-Antenna Scr02Hd Firmware 1.0.3.1000 Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | 6.5 |
| 2017-08-29 | CVE-2016-9732 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-29 | CVE-2016-2970 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. | 4.3 |
| 2017-08-28 | CVE-2017-13716 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29 The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | 5.5 |
| 2017-08-28 | CVE-2017-9979 | Cross-site Scripting vulnerability in Osnexus Quantastor 4.3.0 On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. | 6.1 |
| 2017-08-28 | CVE-2017-9978 | Information Exposure vulnerability in Osnexus Quantastor 4.3.0 On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system. | 5.3 |