Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-05-28 CVE-2017-9249 Cross-site Scripting vulnerability in Allen Disk Project Allen Disk 1.6
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file.
network
low complexity
allen-disk-project CWE-79
5.4
2017-05-28 CVE-2017-9243 Cross-site Scripting vulnerability in Aries Networks Qwr-1104 Wireless-N Router Firmware Wrc.253.2.0913
Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point.
network
low complexity
aries-networks CWE-79
6.1
2017-05-28 CVE-2017-7296 Cross-site Scripting vulnerability in Contiki-Os Contiki 3.0
An issue was discovered in Contiki Operating System 3.0.
network
low complexity
contiki-os CWE-79
6.1
2017-05-28 CVE-2016-10376 Cryptographic Issues vulnerability in Gajim
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension.
network
low complexity
gajim CWE-310
4.5
2017-05-27 CVE-2017-9242 Improper Input Validation vulnerability in Linux Kernel
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.
local
low complexity
linux CWE-20
5.5
2017-05-27 CVE-2017-7343 Open Redirect vulnerability in Fortinet Fortiportal
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows an attacker to execute unauthorized code or commands via the url parameter.
network
low complexity
fortinet CWE-601
6.1
2017-05-27 CVE-2017-7339 Cross-site Scripting vulnerability in Fortinet Fortiportal
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality.
network
low complexity
fortinet CWE-79
6.1
2017-05-27 CVE-2017-3129 Cross-site Scripting vulnerability in Fortinet Fortiweb
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows an attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.
network
low complexity
fortinet CWE-79
6.1
2017-05-27 CVE-2017-3126 Open Redirect vulnerability in Fortinet Fortianalyzer Firmware and Fortimanager Firmware
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows an attacker to execute unauthorized code or commands via the next parameter.
network
low complexity
fortinet CWE-601
6.1
2017-05-26 CVE-2017-5646 Origin Validation Error vulnerability in Apache Knox
In Apache Knox versions 0.2.0 to 0.11.0, an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox.
network
high complexity
apache CWE-346
6.8