Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-13 | CVE-2017-1508 | Unspecified vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. | 6.7 |
2017-09-13 | CVE-2017-7560 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Rhnsd It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes. | 5.5 |
2017-09-13 | CVE-2017-14420 | Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used on D-Link DIR-850L REV. | 5.9 |
2017-09-13 | CVE-2017-14419 | Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used on D-Link DIR-850L REV. | 5.9 |
2017-09-13 | CVE-2017-14416 | Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 6.1 |
2017-09-13 | CVE-2017-14415 | Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 6.1 |
2017-09-13 | CVE-2017-14414 | Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 6.1 |
2017-09-13 | CVE-2017-14413 | Cross-site Scripting vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 6.1 |
2017-09-13 | CVE-2017-3165 | Cross-site Scripting vulnerability in Apache Brooklyn In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. | 5.4 |
2017-09-13 | CVE-2017-14124 | Improper Privilege Management vulnerability in Unicon-Software RP In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions. | 6.3 |