Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-31 | CVE-2014-8676 | Path Traversal vulnerability in Soplanning Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. | 5.3 |
| 2017-08-31 | CVE-2017-7855 | Cross-site Scripting vulnerability in Icewarp Server 11.3.1.5 In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter. | 6.1 |
| 2017-08-31 | CVE-2016-10510 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php. | 6.1 |
| 2017-08-31 | CVE-2016-10508 | Cross-site Scripting vulnerability in PHPthumb Project PHPthumb 1.7.11/1.7.12/1.7.13 Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php. | 6.1 |
| 2017-08-31 | CVE-2017-14070 | Cross-site Scripting vulnerability in Nexusphp 1.5 Cross Site Scripting (XSS) exists in NexusPHP 1.5.beta5.20120707 via the PATH_INFO to ipsearch.php, related to PHP_SELF. | 6.1 |
| 2017-08-31 | CVE-2017-14060 | NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file. | 6.5 |
| 2017-08-31 | CVE-2017-14059 | Excessive Iteration vulnerability in Ffmpeg 3.3.3 In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. | 6.5 |
| 2017-08-31 | CVE-2017-14058 | Infinite Loop vulnerability in Ffmpeg 3.3.3 In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). | 6.5 |
| 2017-08-31 | CVE-2017-14057 | Excessive Iteration vulnerability in Ffmpeg 3.3.3 In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. | 6.5 |
| 2017-08-31 | CVE-2017-14056 | Excessive Iteration vulnerability in Ffmpeg 3.3.3 In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. | 6.5 |