Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-01-02 CVE-2017-1000424 Unspecified vulnerability in Atom Electron
GitHub Electron versions 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 are vulnerable to a URL spoofing problem when opening PDFs in PDFium, resulting in the loading of arbitrary PDFs that a hacker can control.
network
low complexity
atom
4.3
2018-01-02 CVE-2017-1000457 Cross-site Scripting vulnerability in Mojoportal 2.5.0.0
Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter.
network
low complexity
mojoportal CWE-79
4.8
2018-01-02 CVE-2017-1557 Unspecified vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with authority to send a specially crafted request that could cause a channel process to cease processing further requests.
network
low complexity
ibm
4.3
2018-01-02 CVE-2017-1000455 Origin Validation Error vulnerability in GNU Guixsd
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading to the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix.
local
low complexity
gnu CWE-346
5.5
2018-01-02 CVE-2017-1000413 Information Exposure vulnerability in Linaro Op-Tee
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older), is vulnerable to a timing attack in the Montgomery parts of libMPA in OP-TEE, resulting in a compromised private RSA key.
network
high complexity
linaro CWE-200
5.9
2018-01-02 CVE-2017-1000445 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-1 and older versions are vulnerable to a null pointer dereference in the MagickCore component, which might lead to denial of service.
network
low complexity
imagemagick debian canonical CWE-476
6.5
2018-01-02 CVE-2017-1000443 Cross-site Scripting vulnerability in Openhacker Project Openhacker 0.1.47
Eleix Openhacker version 0.1.47 is vulnerable to an XSS vulnerability in the bank transactions component, resulting in arbitrary code execution in the browser.
network
low complexity
openhacker-project CWE-79
6.1
2018-01-02 CVE-2017-1000442 Cross-site Scripting vulnerability in Passbolt API
Passbolt API versions 1.6.4 and older are vulnerable to an XSS in the url field on the password workspace.
network
low complexity
passbolt CWE-79
5.4
2018-01-02 CVE-2017-9965 Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior.
network
low complexity
schneider-electric CWE-22
5.8
2018-01-02 CVE-2017-9964 Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert
A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1.
network
high complexity
schneider-electric CWE-22
6.9