Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-12-11 CVE-2016-6615 Cross-site Scripting vulnerability in PHPmyadmin
XSS issues were discovered in phpMyAdmin.
network
low complexity
phpmyadmin CWE-79
6.1
6.1
2016-12-11 CVE-2016-6614 Path Traversal vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features.
network
high complexity
phpmyadmin CWE-22
6.8
6.8
2016-12-11 CVE-2016-6613 Information Exposure vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin.
network
high complexity
phpmyadmin CWE-200
5.3
5.3
2016-12-11 CVE-2016-6612 Information Exposure vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin.
network
low complexity
phpmyadmin CWE-200
6.5
6.5
2016-12-11 CVE-2016-6610 Information Exposure vulnerability in PHPmyadmin
A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk.
network
low complexity
phpmyadmin CWE-200
4.3
4.3
2016-12-11 CVE-2016-6608 Cross-site Scripting vulnerability in PHPmyadmin
XSS issues were discovered in phpMyAdmin.
network
low complexity
phpmyadmin CWE-79
6.1
6.1
2016-12-11 CVE-2016-6607 Cross-site Scripting vulnerability in PHPmyadmin
XSS issues were discovered in phpMyAdmin.
network
low complexity
phpmyadmin CWE-79
6.1
6.1
2016-12-11 CVE-2016-4412 7PK - Security Features vulnerability in PHPmyadmin
An issue was discovered in phpMyAdmin.
network
high complexity
phpmyadmin CWE-254
4.4
4.4
2016-12-10 CVE-2016-7995 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.
local
low complexity
qemu opensuse CWE-772
6.0
6.0
2016-12-10 CVE-2016-7994 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands.
local
low complexity
qemu opensuse CWE-772
6.0
6.0