Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-03-15 | CVE-2017-6917 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.2.16 | CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. | 4.3 |
2017-03-15 | CVE-2017-6916 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8 | CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/settings/update/ page. | 4.3 |
2017-03-15 | CVE-2017-6915 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8 | CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. | 4.3 |
2017-03-15 | CVE-2016-7103 | Cross-site Scripting vulnerability in multiple products | Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | 6.1 |
2017-03-15 | CVE-2017-6443 | Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00 | Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1. | 6.1 |
2017-03-15 | CVE-2017-6430 | Out-of-bounds Read vulnerability in Ettercap-Project Ettercap | The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter. | 5.5 |
2017-03-15 | CVE-2017-5579 | Memory Leak vulnerability in multiple products | Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. | 6.5 |
2017-03-15 | CVE-2017-5578 | Memory Leak vulnerability in Qemu | Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. | 6.5 |
2017-03-15 | CVE-2017-5552 | Memory Leak vulnerability in Qemu | Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. | 6.5 |
2017-03-15 | CVE-2017-5537 | Information Exposure vulnerability in Weblate | The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests. | 5.3 |