Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-14 | CVE-2017-9624 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data. | 6.1 |
2017-06-14 | CVE-2017-9623 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data. | 6.1 |
2017-06-14 | CVE-2017-9622 | Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data. | 6.1 |
2017-06-14 | CVE-2017-9621 | Cross-site Scripting vulnerability in Epesi Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) original or (2) new parameter. | 6.1 |
2017-06-14 | CVE-2017-4986 | Information Exposure vulnerability in EMC Secure Remote Services 3.18 EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system. | 5.3 |
2017-06-14 | CVE-2017-9617 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. | 5.5 |
2017-06-14 | CVE-2017-9616 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. | 5.5 |
2017-06-14 | CVE-2017-9464 | Open Redirect vulnerability in Piwigo An open redirect vulnerability is present in Piwigo 2.9 and probably prior versions, allowing remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. | 6.1 |
2017-06-14 | CVE-2017-9463 | SQL Injection vulnerability in Piwigo The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly prior. | 6.5 |
2017-06-14 | CVE-2017-7677 | Missing Authorization vulnerability in Apache Ranger In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table. | 5.9 |