Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-03-02 | CVE-2016-10228 | Improper Input Validation vulnerability in GNU Glibc | The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | 5.9 |
2017-03-01 | CVE-2016-8232 | Cross-site Scripting vulnerability in IBM Advanced Management Module Firmware | Document Object Model (DOM)-based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information. | 6.1 |
2017-03-01 | CVE-2016-5932 | Cross-site Scripting vulnerability in IBM Connections | IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. | 5.4 |
2017-03-01 | CVE-2017-6353 | Double Free vulnerability in Linux Kernel | net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. | 5.5 |
2017-03-01 | CVE-2017-6348 | Unspecified vulnerability in Linux Kernel | The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. | 5.5 |
2017-03-01 | CVE-2016-9830 | Improper Input Validation vulnerability in multiple products | The MagickRealloc function in memory.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a JPEG image. | 5.5 |
2017-03-01 | CVE-2017-5981 | Reachable Assertion vulnerability in Zziplib Project Zziplib 0.13.62 | seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file. | 5.5 |
2017-03-01 | CVE-2017-5980 | NULL Pointer Dereference vulnerability in Zziplib Project Zziplib 0.13.62 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | 5.5 |
2017-03-01 | CVE-2017-5979 | NULL Pointer Dereference vulnerability in Zziplib Project Zziplib 0.13.62 | The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | 5.5 |
2017-03-01 | CVE-2017-5978 | Out-of-bounds Read vulnerability in Zziplib Project Zziplib 0.13.62 | The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | 5.5 |