Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-06-14	CVE-2017-9624	Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data. network low complexity epesi CWE-79	6.1
2017-06-14	CVE-2017-9623	Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data. network low complexity epesi CWE-79	6.1
2017-06-14	CVE-2017-9622	Cross-site Scripting vulnerability in Epesi Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data. network low complexity epesi CWE-79	6.1
2017-06-14	CVE-2017-9621	Cross-site Scripting vulnerability in Epesi Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) original or (2) new parameter. network low complexity epesi CWE-79	6.1
2017-06-14	CVE-2017-4986	Information Exposure vulnerability in EMC Secure Remote Services 3.18 EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system. network low complexity emc CWE-200	5.3
2017-06-14	CVE-2017-9617	Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. local low complexity wireshark CWE-674	5.5
2017-06-14	CVE-2017-9616	Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. local low complexity wireshark CWE-674	5.5
2017-06-14	CVE-2017-9464	Open Redirect vulnerability in Piwigo An open redirect vulnerability is present in Piwigo 2.9 and probably prior versions, allowing remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. network low complexity piwigo CWE-601	6.1
2017-06-14	CVE-2017-9463	SQL Injection vulnerability in Piwigo The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly prior. network low complexity piwigo CWE-89	6.5
2017-06-14	CVE-2017-7677	Missing Authorization vulnerability in Apache Ranger In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table. network high complexity apache CWE-862	5.9

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium