Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK

2017-08-28 CVE-2017-9979 Cross-site Scripting vulnerability in Osnexus Quantastor 4.3.0
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked.
Risk: 6.1 (network, low complexity). Tags: osnexus CWE-79

2017-08-28 CVE-2017-9978 Information Exposure vulnerability in Osnexus Quantastor 4.3.0
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system.
Risk: 5.3 (network, low complexity). Tags: osnexus CWE-200

2017-08-28 CVE-2017-3735 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread.
Risk: 5.3 (network, low complexity). Tags: openssl debian CWE-119

2017-08-28 CVE-2017-12954 Out-of-bounds Read vulnerability in Libgig0 Libgig 4.0.0
The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file.
Risk: 6.5 (network, low complexity). Tags: libgig0 CWE-125

2017-08-28 CVE-2017-12953 Out-of-bounds Write vulnerability in Libgig0 Libgig 4.0.0
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file.
Risk: 6.5 (network, low complexity). Tags: libgig0 CWE-787

2017-08-28 CVE-2017-12952 NULL Pointer Dereference vulnerability in Libgig0 Libgig 4.0.0
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
Risk: 6.5 (network, low complexity). Tags: libgig0 CWE-476

2017-08-28 CVE-2017-12951 Out-of-bounds Read vulnerability in Libgig0 Libgig 4.0.0
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.
Risk: 6.5 (network, low complexity). Tags: libgig0 CWE-125

2017-08-28 CVE-2017-12950 NULL Pointer Dereference vulnerability in Linuxsampler Libgig 4.0.0
The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
Risk: 6.5 (network, low complexity). Tags: linuxsampler CWE-476

2017-08-28 CVE-2017-12925 Double Free vulnerability in Libfpx Project Libfpx 1.3.1
Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.
Risk: 6.5 (network, low complexity). Tags: libfpx-project CWE-415

2017-08-28 CVE-2017-12924 Divide By Zero vulnerability in Libfpx Project Libfpx 1.3.1
CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted fpx image.
Risk: 6.5 (network, low complexity). Tags: libfpx-project CWE-369