Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-07 | CVE-2017-2911 | Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. | 5.9 |
| 2017-11-07 | CVE-2017-12096 | Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi management of Circle with Disney. | 6.5 |
| 2017-11-07 | CVE-2017-12094 | Command Injection vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. | 6.5 |
| 2017-11-07 | CVE-2017-12084 | Missing Authorization vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. | 6.6 |
| 2017-11-07 | CVE-2017-12083 | Information Exposure vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. | 5.3 |
| 2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 5.5 |
| 2017-11-06 | CVE-2017-16637 | Improper Input Validation vulnerability in Perfect-Privacy VPN Manager 1.10.10/1.10.11 In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. | 4.4 |
| 2017-11-06 | CVE-2017-16636 | Cross-site Scripting vulnerability in Bludit 1.5.2/2.0.1 In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. | 5.4 |
| 2017-11-06 | CVE-2017-16635 | Cross-site Scripting vulnerability in Tinywebgallery 2.4 In TinyWebGallery v2.4, an XSS vulnerability is located in the `mkname`, `mkitem`, and `item` parameters of the `Add/Create` module. | 5.4 |
| 2017-11-06 | CVE-2017-14025 | Improper Input Validation vulnerability in Hitachienergy Fox515T Firmware 1.0 An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. | 5.5 |