Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-13 CVE-2016-3638 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SLD Registration
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623.
local
low complexity
sap CWE-119
5.5
5.5
2016-10-13 CVE-2016-8564 SQL Injection vulnerability in Siemens Automation License Manager 5.3
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.
network
low complexity
siemens CWE-89
6.5
6.5
2016-10-13 CVE-2016-7959 7PK - Security Features vulnerability in Siemens Simatic Step 7
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
local
high complexity
siemens CWE-254
4.7
4.7
2016-10-10 CVE-2016-1000155 Cross-site Scripting vulnerability in Wpsolr Wpsolr-Search-Engine 7.6
Reflected XSS in wordpress plugin wpsolr-search-engine v7.6
network
low complexity
wpsolr CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000154 Cross-site Scripting vulnerability in Browserweb Whizz
Reflected XSS in wordpress plugin whizz v1.0.7
network
low complexity
browserweb CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000153 Cross-site Scripting vulnerability in Tidio-Gallery Project Tidio-Gallery 1.1
Reflected XSS in wordpress plugin tidio-gallery v1.1
network
low complexity
tidio-gallery-project CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000152 Cross-site Scripting vulnerability in Tidio-Form Project Tidio-Form 1.0
Reflected XSS in wordpress plugin tidio-form v1.0
network
low complexity
tidio-form-project CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000151 Cross-site Scripting vulnerability in Tera-Charts Project Tera-Charts 1.0
Reflected XSS in wordpress plugin tera-charts v1.0
network
low complexity
tera-charts-project CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000150 Cross-site Scripting vulnerability in Oxil Simplified-Content 1.0.0
Reflected XSS in wordpress plugin simplified-content v1.0.0
network
low complexity
oxil CWE-79
6.1
6.1
2016-10-10 CVE-2016-1000149 Cross-site Scripting vulnerability in Simpel-Reserveren Project Simpel-Reserveren 3.5.2
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
network
low complexity
simpel-reserveren-project CWE-79
6.1
6.1