Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-30 | CVE-2017-1445 | Cross-site Scripting vulnerability in IBM Emptoris Spend Analysis IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-30 | CVE-2017-1443 | Cross-site Scripting vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. | 6.1 |
| 2017-08-30 | CVE-2017-1441 | Unspecified vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. | 5.5 |
| 2017-08-30 | CVE-2017-14038 | Open Redirect vulnerability in Crushftp CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability. | 6.1 |
| 2017-08-30 | CVE-2017-14037 | CRLF Injection vulnerability in Crushftp CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability. | 6.1 |
| 2017-08-30 | CVE-2017-14036 | Cross-site Scripting vulnerability in Crushftp CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. | 6.1 |
| 2017-08-30 | CVE-2017-9945 | Improper Input Validation vulnerability in Siemens 7KM PAC Switched Ethernet Profinet Expansion Module Firmware 2.1.2 In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. | 6.5 |
| 2017-08-30 | CVE-2016-5001 | Information Exposure vulnerability in Apache Hadoop This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. | 5.5 |
| 2017-08-30 | CVE-2016-6800 | Cross-site Scripting vulnerability in Apache Ofbiz The default configuration of the Apache OFBiz framework offers a blog functionality. | 6.1 |
| 2017-08-30 | CVE-2017-13778 | Cross-site Scripting vulnerability in Fiyo CMS 2.0.7 Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the site_name parameter. | 6.1 |