Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-22 | CVE-2017-6188 | Improper Input Validation vulnerability in multiple products Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. | 5.5 |
| 2017-02-22 | CVE-2016-8986 | Improper Access Control vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. | 6.5 |
| 2017-02-22 | CVE-2016-8915 | Improper Access Control vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. | 6.5 |
| 2017-02-22 | CVE-2016-3052 | Information Exposure vulnerability in IBM Websphere MQ Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. | 5.9 |
| 2017-02-22 | CVE-2016-3013 | Data Processing Errors vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. | 6.5 |
| 2017-02-22 | CVE-2016-9910 | Cross-site Scripting vulnerability in Html5Lib 0.99999999 The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909. | 6.1 |
| 2017-02-22 | CVE-2016-9909 | Cross-site Scripting vulnerability in Html5Lib 0.99999999 The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values. | 6.1 |
| 2017-02-22 | CVE-2016-9384 | Information Exposure vulnerability in XEN 4.7.0/4.7.1 Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table. | 6.5 |
| 2017-02-22 | CVE-2016-9378 | Improper Access Control vulnerability in XEN Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery. | 5.5 |
| 2017-02-22 | CVE-2016-9377 | Incorrect Calculation vulnerability in XEN Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. | 5.5 |