Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2017-6394 | Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.1 Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR 5.0.0 and 5.0.1-dev. | 6.1 |
| 2017-03-02 | CVE-2017-6393 | Cross-site Scripting vulnerability in Nagvis 1.9 An issue was discovered in NagVis 1.9b12. | 6.1 |
| 2017-03-02 | CVE-2017-6392 | Cross-site Scripting vulnerability in Kaltura Server An issue was discovered in Kaltura server Lynx-12.11.0. | 6.1 |
| 2017-03-02 | CVE-2017-6391 | Cross-site Scripting vulnerability in Kaltura Server An issue was discovered in Kaltura server Lynx-12.11.0. | 6.1 |
| 2017-03-02 | CVE-2017-6390 | Cross-site Scripting vulnerability in Soruly Whatanime.Ga 34C7155C6Fd82B7746Fe8B56Eb89Bf278553C421 An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. | 6.1 |
| 2017-03-02 | CVE-2017-6415 | NULL Pointer Dereference vulnerability in Radare Radare2 1.2.1 The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. | 5.5 |
| 2017-03-02 | CVE-2017-6387 | Out-of-bounds Read vulnerability in Radare Radare2 1.2.1 The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file. | 5.5 |
| 2017-03-02 | CVE-2016-10228 | Improper Input Validation vulnerability in GNU Glibc The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | 5.9 |
| 2017-03-01 | CVE-2016-8232 | Cross-site Scripting vulnerability in IBM Advanced Management Module Firmware Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information. | 6.1 |
| 2017-03-01 | CVE-2016-5932 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. | 5.4 |