Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3331 Unspecified vulnerability in Oracle Mysql
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle
6.5
2017-04-24 CVE-2017-3305 Cleartext Transmission of Sensitive Information vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API).
network
high complexity
oracle debian CWE-319
5.3
2017-04-24 CVE-2017-3304 Unspecified vulnerability in Oracle Mysql Cluster
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: DD).
network
low complexity
oracle
5.4
2017-04-24 CVE-2017-3288 Unspecified vulnerability in Oracle Flexcube Investor Servicing
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust).
network
low complexity
oracle
5.4
2017-04-24 CVE-2017-3232 Unspecified vulnerability in Oracle Automatic Service Request
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager).
local
low complexity
oracle
5.5
2017-04-24 CVE-2016-5016 Improper Certificate Validation vulnerability in Pivotal Software products
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.
network
high complexity
pivotal-software CWE-295
5.9
2017-04-24 CVE-2010-1776 7PK - Security Features vulnerability in Apple Iphone OS
Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device.
network
high complexity
apple CWE-254
4.8
2017-04-24 CVE-2017-8104 Path Traversal vulnerability in Mybb
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.
network
low complexity
mybb CWE-22
5.3
2017-04-24 CVE-2017-8103 Cross-site Scripting vulnerability in Mybb
In MyBB before 1.8.11, the Email MyCode component allows XSS, as demonstrated by an onmouseover event.
network
low complexity
mybb CWE-79
6.1
2017-04-24 CVE-2017-8102 Cross-site Scripting vulnerability in S9Y Serendipity 2.1
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user.
network
low complexity
s9y CWE-79
5.4