Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-15 | CVE-2017-0216 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0218, and CVE-2017-0219. | 5.3 |
| 2017-06-15 | CVE-2017-0215 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. | 5.3 |
| 2017-06-15 | CVE-2017-0173 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. | 5.3 |
| 2017-06-14 | CVE-2017-9624 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data. | 6.1 |
| 2017-06-14 | CVE-2017-9623 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data. | 6.1 |
| 2017-06-14 | CVE-2017-9622 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data. | 6.1 |
| 2017-06-14 | CVE-2017-9621 | Cross-site Scripting vulnerability in Epesi Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) original or (2) new parameter. | 6.1 |
| 2017-06-14 | CVE-2017-4986 | Information Exposure vulnerability in EMC Secure Remote Services 3.18 EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system. | 5.3 |
| 2017-06-14 | CVE-2017-9617 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. | 5.5 |
| 2017-06-14 | CVE-2017-9616 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. | 5.5 |