Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | CWE | ATTACK VECTOR | COMPLEXITY | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-03-07 | CVE-2016-9245 | Improper Access Control vulnerability in F5 products | In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. | f5 | CWE-284 | network | high complexity | 5.9 |
| 2017-03-07 | CVE-2017-6511 | Cross-site Scripting vulnerability in Finecms Project Finecms | andrzuk/FineCMS before 2017-03-06 is vulnerable to a reflected XSS in index.php because of missing validation of the action parameter in application/classes/application.php. | finecms-project | CWE-79 | network | low complexity | 6.1 |
| 2017-03-07 | CVE-2017-1133 | Cross-site Scripting vulnerability in IBM products | IBM QRadar 7.2 is vulnerable to cross-site scripting. | ibm | CWE-79 | network | low complexity | 5.4 |
| 2017-03-07 | CVE-2016-9730 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products | IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ibm | CWE-352 | network | low complexity | 4.3 |
| 2017-03-07 | CVE-2016-9729 | Improper Authentication vulnerability in IBM Qradar Security Information and Event Manager | IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. | ibm | CWE-287 | network | low complexity | 6.5 |
| 2017-03-07 | CVE-2016-9725 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager | IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. | ibm | CWE-200 | network | low complexity | 5.3 |
| 2017-03-07 | CVE-2016-9723 | Cross-site Scripting vulnerability in IBM products | IBM QRadar 7.2 is vulnerable to cross-site scripting. | ibm | CWE-79 | network | low complexity | 6.1 |
| 2017-03-07 | CVE-2016-9720 | Information Exposure vulnerability in IBM products | IBM QRadar 7.2 discloses sensitive information to unauthorized users. | ibm | CWE-200 | network | low complexity | 5.3 |
| 2017-03-07 | CVE-2016-9693 | Improper Input Validation vulnerability in IBM Business Process Manager | IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. | ibm | CWE-20 | local | low complexity | 6.1 |
| 2017-03-07 | CVE-2016-8971 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Websphere MQ | IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. | ibm | CWE-119 | network | low complexity | 6.5 |