Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-12 | CVE-2017-1278 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. | 5.4 |
| 2017-06-12 | CVE-2017-1276 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-12 | CVE-2017-1247 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-12 | CVE-2017-1214 | Information Exposure vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. | 5.7 |
| 2017-06-12 | CVE-2017-7665 | Cross-site Scripting vulnerability in Apache Nifi In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient. | 6.1 |
| 2017-06-12 | CVE-2017-9548 | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching a Home Template Edit Page action and entering the Navigation Title of a page that is scheduled for future publication (aka a pending page change). | 5.4 |
| 2017-06-12 | CVE-2017-9547 | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication (aka a pending page change). | 5.4 |
| 2017-06-12 | CVE-2017-9546 | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS admin.php in BigTree through 4.2.18 allows remote authenticated users to cause a denial of service (inability to save revisions) via XSS sequences in a revision name. | 5.7 |
| 2017-06-12 | CVE-2017-9128 | Out-of-bounds Read vulnerability in Libquicktime 1.2.4 The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file. | 6.5 |
| 2017-06-12 | CVE-2017-9127 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libquicktime 1.2.4 The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file. | 6.5 |