Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-27 | CVE-2016-9922 | Divide By Zero vulnerability in Qemu The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values. | 5.5 |
2017-03-27 | CVE-2016-7474 | Information Exposure vulnerability in F5 products In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. | 5.5 |
2017-03-27 | CVE-2015-8310 | Cross-site Scripting vulnerability in Fomori Cherrymusic 0.35.2 Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist. | 5.4 |
2017-03-27 | CVE-2015-8309 | Path Traversal vulnerability in Fomori Cherrymusic 0.35.2 Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download." | 4.3 |
2017-03-27 | CVE-2017-6067 | Cross-site Scripting vulnerability in Getsymphony Symphony 2.6.9 Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field. | 6.1 |
2017-03-27 | CVE-2017-6003 | Cross-site Scripting vulnerability in Dotcms 3.7.0 dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. | 6.1 |
2017-03-26 | CVE-2017-5622 | Incorrect Default Permissions vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. | 5.9 |
2017-03-26 | CVE-2017-2645 | Cross-site Scripting vulnerability in Moodle In Moodle 3.x, XSS can occur via attachments to evidence of prior learning. | 6.1 |
2017-03-26 | CVE-2017-2644 | Cross-site Scripting vulnerability in Moodle In Moodle 3.x, XSS can occur via evidence of prior learning. | 6.1 |
2017-03-26 | CVE-2017-2643 | Information Exposure vulnerability in Moodle 3.2.0/3.2.1 In Moodle 3.2.x, global search displays user names for unauthenticated users. | 5.3 |