Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-06 | CVE-2017-10970 | Cross-site Scripting vulnerability in Cacti 1.1.12 Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php. | 5.4 |
| 2017-07-05 | CVE-2017-8420 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Swftools 201304091007 SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x0000000000003e71" issue. | 6.5 |
| 2017-07-05 | CVE-2017-8387 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. | 5.5 |
| 2017-07-05 | CVE-2017-1157 | Information Exposure vulnerability in IBM Jazz Reporting Service 5.0/6.0 IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. | 4.3 |
| 2017-07-05 | CVE-2017-1096 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9989 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9988 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9987 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9986 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9700 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. | 4.3 |