Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-07 CVE-2016-10040 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qt QXmlSimpleReader 4.8.5
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via an XML file with multiple nested open tags.
local
low complexity
qt CWE-119
5.5
2017-03-07 CVE-2013-5653 Information Exposure vulnerability in multiple products
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted PostScript file.
local
low complexity
artifex debian CWE-200
5.5
2017-03-07 CVE-2017-6508 CRLF Injection vulnerability in GNU Wget
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
network
low complexity
gnu CWE-93
6.1
2017-03-06 CVE-2017-5197 Cross-site Scripting vulnerability in SilverStripe
There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2.
network
low complexity
silverstripe CWE-79
6.1
2017-03-06 CVE-2017-6504 Improper Input Validation vulnerability in qBittorrent
WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking.
network
low complexity
qbittorrent CWE-20
6.1
2017-03-06 CVE-2017-6503 Cross-site Scripting vulnerability in qBittorrent
WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.
network
low complexity
qbittorrent CWE-79
6.1
2017-03-06 CVE-2017-6502 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ImageMagick 6.9.7
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick CWE-119
5.5
2017-03-06 CVE-2017-6501 NULL Pointer Dereference vulnerability in ImageMagick 6.9.7
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick CWE-476
5.5
2017-03-06 CVE-2017-6500 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-125
5.5
2017-03-06 CVE-2017-6499 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in Magick++ in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-772
5.5