Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-06-22 | CVE-2017-3631 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Oracle Solaris 11 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | local | low complexity | oracle | CWE-119 | 5.3 |
| 2017-06-22 | CVE-2017-3630 | Out-of-bounds Write vulnerability in Oracle Solaris 10/11 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | local | low complexity | oracle | CWE-787 | 5.3 |
| 2017-06-21 | CVE-2017-9782 | Out-of-bounds Read vulnerability in Jasper Project Jasper 2.0.12 | JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. | local | low complexity | jasper-project | CWE-125 | 5.5 |
| 2017-06-21 | CVE-2017-7918 | Improper Privilege Management vulnerability in Cambium Networks products | An Improper Access Control issue was discovered in Cambium Networks ePMP. | network | low complexity | cambium-networks | CWE-269 | 6.8 |
| 2017-06-21 | CVE-2017-6053 | Cross-site Scripting vulnerability in Trihedral Vtscada | A Cross-Site Scripting issue was discovered in Trihedral VTScada Versions prior to 11.2.26. | network | low complexity | trihedral | CWE-79 | 6.1 |
| 2017-06-21 | CVE-2017-9781 | Cross-site Scripting vulnerability in Check MK Project Check MK 1.4.0 | A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject arbitrary HTML or JavaScript via the _username parameter when attempting authentication to webapi.py, which is returned unencoded with content type text/html. | network | low complexity | check-mk-project | CWE-79 | 6.1 |
| 2017-06-21 | CVE-2017-9773 | Improper Input Validation vulnerability in Horde Image | Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver. | network | low complexity | horde | CWE-20 | 5.7 |
| 2017-06-21 | CVE-2017-1304 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Elastic Storage Server | IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users' applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file. | local | high complexity | ibm | CWE-119 | 6.2 |
| 2017-06-21 | CVE-2017-1117 | Unspecified vulnerability in IBM Websphere MQ | IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. | network | high complexity | ibm | | 5.3 |
| 2017-06-21 | CVE-2017-2829 | Path Traversal vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 | An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. | network | low complexity | foscam | CWE-22 | 6.5 |