Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2016-1220 Improper Access Control vulnerability in Cybozu Garoon
Cybozu Garoon before 4.2.2 does not properly restrict access.
network
low complexity
cybozu CWE-284
4.3
4.3
2017-04-20 CVE-2016-1217 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-20 CVE-2016-1216 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-20 CVE-2016-1215 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-20 CVE-2016-1214 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-20 CVE-2016-1213 Open Redirect vulnerability in Cybozu Garoon
The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.
network
low complexity
cybozu CWE-601
6.1
6.1
2017-04-20 CVE-2015-8959 Resource Management Errors vulnerability in Imagemagick
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
network
low complexity
imagemagick CWE-399
6.5
6.5
2017-04-20 CVE-2015-8958 Out-of-bounds Read vulnerability in Imagemagick
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-20 CVE-2015-8957 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
network
low complexity
imagemagick CWE-119
6.5
6.5
2017-04-20 CVE-2017-7718 Out-of-bounds Read vulnerability in multiple products
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.
local
low complexity
qemu debian CWE-125
5.5
5.5