Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-31 | CVE-2017-1450 | Open Redirect vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-08-31 | CVE-2017-1449 | Open Redirect vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-08-31 | CVE-2017-1447 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-31 | CVE-2017-1444 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-31 | CVE-2016-0713 | Cross-site Scripting vulnerability in Cloudfoundry Cf-Release Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests. | 4.7 |
| 2017-08-31 | CVE-2017-14051 | Integer Overflow or Wraparound vulnerability in Linux Kernel An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access. | 4.4 |
| 2017-08-31 | CVE-2017-14049 | Cross-site Scripting vulnerability in Blackcat-Cms Blackcat CMS 1.2 In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows remote authenticated users to conduct XSS attacks via the Website header or Website footer field. | 5.4 |
| 2017-08-31 | CVE-2017-13670 | Unspecified vulnerability in Blackcat-Cms Blackcat CMS 1.2 In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file. | 6.5 |
| 2017-08-30 | CVE-2017-14042 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. | 6.5 |
| 2017-08-30 | CVE-2017-1446 | Cross-site Scripting vulnerability in IBM Emptoris Spend Analysis IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cross-site scripting. | 5.4 |