Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-17 | CVE-2017-11664 | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 6.5 |
| 2017-08-17 | CVE-2017-11663 | Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2 The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file. | 6.5 |
| 2017-08-16 | CVE-2016-5858 | Information Exposure vulnerability in Google Android In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | 4.7 |
| 2017-08-16 | CVE-2016-5855 | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. | 4.7 |
| 2017-08-16 | CVE-2016-5854 | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | 4.7 |
| 2017-08-16 | CVE-2016-5347 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | 4.7 |
| 2017-08-15 | CVE-2017-12855 | Information Exposure vulnerability in XEN Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. | 6.5 |
| 2017-08-14 | CVE-2017-1190 | Unspecified vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system. | 6.4 |
| 2017-08-14 | CVE-2016-6029 | Information Exposure vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-08-14 | CVE-2016-6021 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. | 5.4 |