Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-08-29 | CVE-2016-9732 | Cross-site Scripting vulnerability in IBM Curam Social Program Management | IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. | 5.4 |
2017-08-29 | CVE-2016-2970 | Information Exposure vulnerability in IBM Sametime | IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. | 4.3 |
2017-08-28 | CVE-2017-13716 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | 5.5 |
2017-08-28 | CVE-2017-9979 | Cross-site Scripting vulnerability in Osnexus Quantastor 4.3.0 | On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. | 6.1 |
2017-08-28 | CVE-2017-9978 | Information Exposure vulnerability in Osnexus Quantastor 4.3.0 | On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system. | 5.3 |
2017-08-28 | CVE-2017-3735 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. | 5.3 |
2017-08-28 | CVE-2017-12954 | Out-of-bounds Read vulnerability in Libgig0 Libgig 4.0.0 | The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file. | 6.5 |
2017-08-28 | CVE-2017-12953 | Out-of-bounds Write vulnerability in Libgig0 Libgig 4.0.0 | The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file. | 6.5 |
2017-08-28 | CVE-2017-12952 | NULL Pointer Dereference vulnerability in Libgig0 Libgig 4.0.0 | The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file. | 6.5 |
2017-08-28 | CVE-2017-12951 | Out-of-bounds Read vulnerability in Libgig0 Libgig 4.0.0 | The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file. | 6.5 |