Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2017-12077 | Resource Exhaustion vulnerability in Synology Router Manager Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack. | 4.9 |
| 2017-08-28 | CVE-2017-12076 | Resource Exhaustion vulnerability in Synology Diskstation Manager Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack. | 4.9 |
| 2017-08-28 | CVE-2015-0233 | 7PK - Security Features vulnerability in Fedoraproject 389 Administration Server 1.1.37 Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38. | 4.2 |
| 2017-08-28 | CVE-2014-8163 | Path Traversal vulnerability in Redhat Satellite 5.0 Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | 6.5 |
| 2017-08-28 | CVE-2013-7430 | Cross-site Scripting vulnerability in Mapsplugin Googlemaps 3.0 Cross-site scripting (XSS) vulnerability in the Googlemaps plugin before 3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the xmlns parameter. | 6.1 |
| 2017-08-28 | CVE-2015-3976 | Cross-site Scripting vulnerability in GE products Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier. | 5.4 |
| 2017-08-28 | CVE-2015-2046 | Cross-site Scripting vulnerability in Mantisbt Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20. | 6.1 |
| 2017-08-28 | CVE-2015-1177 | Cross-site Scripting vulnerability in Exponentcms Exponent CMS 2.3.2 Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2. | 6.1 |
| 2017-08-28 | CVE-2015-0210 | Improper Certificate Validation vulnerability in W1.Fi WPA Supplicant 2.016 wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack. | 5.9 |
| 2017-08-28 | CVE-2015-0101 | Cross-site Scripting vulnerability in IBM Business Process Manager Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5. | 6.1 |