Vulnerabilities > Medium

DATE | CVE | VULNERABILITY TITLE | RISK

2017-05-22 | CVE-2017-6637 | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system.
network | low complexity | cisco | CWE-20 | 6.5

2017-05-22 | CVE-2017-6636 | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system.
network | low complexity | cisco | CWE-22 | 6.5

2017-05-22 | CVE-2017-6635 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system.
network | low complexity | cisco | CWE-862 | 6.5

2017-05-22 | CVE-2017-6630 | Unspecified vulnerability in Cisco IP Phone 8800 Series Firmware 11.0(0.1)
A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network | low complexity | cisco | 5.3

2017-05-21 | CVE-2017-9116 | Unspecified vulnerability in OpenEXR 2.2.0
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash.
network | low complexity | openexr | 6.5

2017-05-21 | CVE-2017-9114 | Unspecified vulnerability in OpenEXR 2.2.0
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.
network | low complexity | openexr | 6.5

2017-05-21 | CVE-2017-9112 | Unspecified vulnerability in OpenEXR 2.2.0
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
network | low complexity | openexr | 6.5

2017-05-21 | CVE-2017-9110 | Unspecified vulnerability in OpenEXR 2.2.0
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.
network | low complexity | openexr | 6.5

2017-05-21 | CVE-2017-7620 | Cross-Site Request Forgery (CSRF) vulnerability in MantisBT
MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary Permalink Injection via CSRF attacks on a permalink_page.php?url= URI and (2) an open redirect via a login_page.php?return= URI.
network | low complexity | mantisbt | CWE-352 | 6.5

2017-05-19 | CVE-2017-7475 | NULL Pointer Dereference vulnerability in Cairographics Cairo 1.15.4
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to FT_Load_Glyph and FT_Render_Glyph, resulting in an application crash.
local | low complexity | cairographics | CWE-476 | 5.5