Vulnerabilities > Medium

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2017-06-08 | CVE-2017-9516 | Cross-site Scripting vulnerability in Craftcms Craft CMS | Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file. | network | low complexity | craftcms | CWE-79 | 5.4 |
| 2017-06-07 | CVE-2015-3295 | Improper Access Control vulnerability in Markdown-It Project Markdown-It 4.0.3 | markdown-it before 4.1.0 does not block data: URLs. | network | low complexity | markdown-it-project | CWE-284 | 5.3 |
| 2017-06-07 | CVE-2014-9310 | Cross-site Scripting vulnerability in Wordpress Backup to Dropbox Project Wordpress Backup to Dropbox | Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dropbox plugin before 4.1 for WordPress. | | | | | 6.1 |
| 2017-06-07 | CVE-2015-8538 | Improper Input Validation vulnerability in Libdwarf Project Libdwarf | dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). | network | low complexity | libdwarf-project | CWE-20 | 6.5 |
| 2017-06-07 | CVE-2015-6959 | Cross-site Scripting vulnerability in Vindula 1.9 | Cross-site scripting (XSS) vulnerability in Vindula 1.9. | network | low complexity | vindula | CWE-79 | 5.4 |
| 2017-06-07 | CVE-2015-6540 | Cross-site Scripting vulnerability in Igcb Intellect Digital Core | Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software. | network | low complexity | igcb | CWE-79 | 6.1 |
| 2017-06-07 | CVE-2017-4905 | Use of Uninitialized Resource vulnerability in VMWare products | VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. | local | low complexity | vmware | CWE-908 | 5.5 |
| 2017-06-07 | CVE-2017-4900 | NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO | VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. | local | low complexity | vmware | CWE-476 | 5.5 |
| 2017-06-07 | CVE-2017-4899 | Out-of-bounds Read vulnerability in VMWare Workstation Player and Workstation PRO | VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. | local | high complexity | vmware | CWE-125 | 4.7 |
| 2017-06-07 | CVE-2017-1305 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation 6.0.2/6.0.3 | IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. | network | low complexity | ibm | CWE-79 | 5.4 |