Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-23 | CVE-2017-1131 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. | 6.5 |
| 2017-06-23 | CVE-2016-5893 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. | 5.5 |
| 2017-06-23 | CVE-2017-3948 | Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. | 5.4 |
| 2017-06-23 | CVE-2017-9356 | Cross-site Scripting vulnerability in Sitecore Sitecore.Net 7.1/7.2 Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI. | 6.1 |
| 2017-06-22 | CVE-2017-9775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 6.5 |
| 2017-06-22 | CVE-2017-1326 | Improper Privilege Management vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling File Gateway does not properly restrict user requests based on permission level. | 4.3 |
| 2017-06-22 | CVE-2016-9983 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. | 5.3 |
| 2017-06-22 | CVE-2016-9982 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. | 6.5 |
| 2017-06-22 | CVE-2016-9747 | Cross-site Scripting vulnerability in IBM products IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-22 | CVE-2017-9815 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file. | 6.5 |