Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-28 | CVE-2016-9259 | Cross-site Scripting vulnerability in Tenable Nessus Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2017-02-27 | CVE-2016-9818 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. | 6.5 |
| 2017-02-27 | CVE-2016-9817 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. | 6.5 |
| 2017-02-27 | CVE-2016-9816 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. | 6.5 |
| 2017-02-27 | CVE-2016-9815 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. | 6.5 |
| 2017-02-27 | CVE-2016-5240 | Improper Input Validation vulnerability in Graphicsmagick The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file. | 5.5 |
| 2017-02-27 | CVE-2016-10029 | Out-of-bounds Read vulnerability in Qemu The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts. | 5.5 |
| 2017-02-27 | CVE-2016-10028 | Out-of-bounds Read vulnerability in Qemu The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0. | 5.5 |
| 2017-02-27 | CVE-2015-8903 | Infinite Loop vulnerability in Imagemagick The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. | 6.5 |
| 2017-02-27 | CVE-2015-8902 | Infinite Loop vulnerability in Imagemagick The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. | 6.5 |