Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-3331 | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 6.5 |
| 2017-04-24 | CVE-2017-3305 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). | 5.3 |
| 2017-04-24 | CVE-2017-3304 | Unspecified vulnerability in Oracle Mysql Cluster Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: DD). | 5.4 |
| 2017-04-24 | CVE-2017-3288 | Unspecified vulnerability in Oracle Flexcube Investor Servicing Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). | 5.4 |
| 2017-04-24 | CVE-2017-3232 | Unspecified vulnerability in Oracle Automatic Service Request Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). | 5.5 |
| 2017-04-24 | CVE-2016-5016 | Improper Certificate Validation vulnerability in Pivotal Software products Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired. | 5.9 |
| 2017-04-24 | CVE-2010-1776 | 7PK - Security Features vulnerability in Apple Iphone OS Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device. | 4.8 |
| 2017-04-24 | CVE-2017-8104 | Path Traversal vulnerability in Mybb In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter. | 5.3 |
| 2017-04-24 | CVE-2017-8103 | Cross-site Scripting vulnerability in Mybb In MyBB before 1.8.11, the Email MyCode component allows XSS, as demonstrated by an onmouseover event. | 6.1 |
| 2017-04-24 | CVE-2017-8102 | Cross-site Scripting vulnerability in S9Y Serendipity 2.1 Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. | 5.4 |