Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2016-4048 | Unspecified vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 4.3 |
| 2016-12-15 | CVE-2016-4047 | XXE vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. | 4.3 |
| 2016-12-15 | CVE-2016-4046 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 5.8 |
| 2016-12-15 | CVE-2016-4045 | Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 6.1 |
| 2016-12-15 | CVE-2016-4026 | Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.1 An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 6.1 |
| 2016-12-15 | CVE-2016-3173 | Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.0 An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. | 5.4 |
| 2016-12-15 | CVE-2016-2840 | Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.8.0 An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. | 6.1 |
| 2016-12-14 | CVE-2016-3685 | Use of Hard-coded Credentials vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338. | 4.7 |
| 2016-12-14 | CVE-2016-3684 | Unspecified vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338. | 4.7 |
| 2016-12-14 | CVE-2016-4443 | Information Exposure Through Log Files vulnerability in Redhat Enterprise Virtualization 3.6 Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file. | 5.5 |