Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-24 | CVE-2016-10006 | Cross-site Scripting vulnerability in Antisamy Project Antisamy In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. | 6.1 |
| 2016-12-23 | CVE-2016-9923 | Use After Free vulnerability in Qemu Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. | 5.5 |
| 2016-12-23 | CVE-2016-9921 | Divide By Zero vulnerability in multiple products Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. | 6.5 |
| 2016-12-23 | CVE-2016-9912 | Missing Release of Resource after Effective Lifetime vulnerability in Qemu Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. | 6.5 |
| 2016-12-23 | CVE-2016-9911 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. | 6.5 |
| 2016-12-23 | CVE-2016-9907 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. | 6.5 |
| 2016-12-23 | CVE-2016-7968 | Code Injection vulnerability in KDE Kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. | 6.5 |
| 2016-12-23 | CVE-2016-7787 | Code Injection vulnerability in multiple products A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | 4.9 |
| 2016-12-23 | CVE-2016-2312 | 7PK - Security Features vulnerability in multiple products Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | 6.8 |
| 2016-12-23 | CVE-2016-6910 | Information Exposure vulnerability in Google Android 5.0.2/5.1.1/6.0.1 The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. | 5.5 |