Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2016-7514 Out-of-bounds Read vulnerability in Imagemagick
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-20 CVE-2016-7513 Numeric Errors vulnerability in Imagemagick
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
network
low complexity
imagemagick CWE-189
6.5
6.5
2017-04-20 CVE-2016-5010 Out-of-bounds Read vulnerability in Imagemagick
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-20 CVE-2016-4844 Information Exposure vulnerability in Cybozu Mailwise
Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.
network
low complexity
cybozu CWE-200
4.3
4.3
2017-04-20 CVE-2016-4843 Information Exposure vulnerability in Cybozu Mailwise
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.
network
low complexity
cybozu CWE-200
6.5
6.5
2017-04-20 CVE-2016-4842 Information Exposure vulnerability in Cybozu Mailwise
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read.
network
low complexity
cybozu CWE-200
4.3
4.3
2017-04-20 CVE-2016-4818 Improper Certificate Validation vulnerability in DMM products
DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and GAITAMEJAPAN FX Trade for Android 1.4.0 and earlier do not verify SSL certificates.
network
high complexity
dmm CWE-295
5.9
5.9
2017-04-20 CVE-2016-1220 Improper Access Control vulnerability in Cybozu Garoon
Cybozu Garoon before 4.2.2 does not properly restrict access.
network
low complexity
cybozu CWE-284
4.3
4.3
2017-04-20 CVE-2016-1217 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-20 CVE-2016-1216 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1