Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-21 | CVE-2017-7994 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 6.5 |
| 2017-04-21 | CVE-2016-6519 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form. | 5.4 |
| 2017-04-21 | CVE-2017-7992 | Cross-site Scripting vulnerability in Heartland Payment Systems Heartland-PHP Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv parameter. | 6.1 |
| 2017-04-21 | CVE-2016-4841 | Improper Input Validation vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers. | 4.3 |
| 2017-04-21 | CVE-2016-4840 | Improper Certificate Validation vulnerability in Toshiba Coordinate Plus 1.0.2 Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates. | 5.9 |
| 2017-04-21 | CVE-2016-4832 | Improper Certificate Validation vulnerability in Aeon Waon 1.4.1 WAON "Service Application" for Android 1.4.1 and earlier does not verify SSL certificates. | 5.9 |
| 2017-04-21 | CVE-2016-4830 | Improper Certificate Validation vulnerability in Akindo-Sushiro Sushiro Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates. | 5.9 |
| 2017-04-21 | CVE-2016-4829 | Improper Certificate Validation vulnerability in DMM PPV Play Player 1.2.0/2.1.2 DMM Movie Player App for Android before 1.2.1, and DMM Movie Player App for iPhone/iPad before 2.1.3 does not verify SSL certificates. | 5.9 |
| 2017-04-21 | CVE-2016-1194 | Resource Management Errors vulnerability in Cybozu Garoon 4.2.0 Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service. | 6.5 |
| 2017-04-21 | CVE-2016-1184 | Improper Certificate Validation vulnerability in Tokyostarbank Tokyo Star Bank 1.3 Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates. | 5.9 |