Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-02 | CVE-2017-6103 | Cross-site Scripting vulnerability in Anyvar Project Anyvar 0.1.1: Persistent XSS vulnerability in WordPress plugin AnyVar v0.1.1. | 6.1 |
2017-03-02 | CVE-2017-6102 | Cross-site Scripting vulnerability in Rockhoist Badges Project Rockhoist Badges Plugin 1.2.2: Persistent XSS in WordPress plugin rockhoist-badges v1.2.2. | 6.1 |
2017-03-02 | CVE-2016-10071 | Out-of-bounds Read vulnerability in ImageMagick: coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | 5.5 |
2017-03-02 | CVE-2016-10069 | Improper Input Validation vulnerability in multiple products: coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. | 5.5 |
2017-03-02 | CVE-2016-10068 | Improper Input Validation vulnerability in multiple products: The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | 5.5 |
2017-03-02 | CVE-2016-10062 | 7PK - Errors vulnerability in ImageMagick: The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.5 |
2017-03-02 | CVE-2016-10060 | Unchecked Return Value vulnerability in ImageMagick: The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 6.5 |
2017-03-02 | CVE-2017-6410 | Cleartext Transmission of Sensitive Information vulnerability in KDE Kdelibs: kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. | 5.5 |
2017-03-02 | CVE-2017-6404 | Incorrect Default Permissions vulnerability in Veritas NetBackup and NetBackup Appliance: An issue was discovered in Veritas NetBackup before 7.7 and NetBackup Appliance before 2.7. | 5.5 |
2017-03-02 | CVE-2017-6402 | Unspecified vulnerability in Veritas NetBackup and NetBackup Appliance: An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. | 6.5 |