Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-14 | CVE-2017-1152 | Session Fixation vulnerability in IBM Financial Transaction Manager 3.0.1.0/3.0.2.0 IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. | 4.3 |
| 2017-04-14 | CVE-2016-8927 | Cross-site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-04-14 | CVE-2016-8926 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. | 4.3 |
| 2017-04-14 | CVE-2016-8925 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. | 6.5 |
| 2017-04-14 | CVE-2017-7457 | XXE vulnerability in Moxa Mx-Aopc Server 1.5 XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure. | 5.0 |
| 2017-04-14 | CVE-2017-7217 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | 4.3 |
| 2017-04-13 | CVE-2016-8725 | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. | 5.3 |
| 2017-04-13 | CVE-2016-8724 | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 5.3 |
| 2017-04-13 | CVE-2016-8722 | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. | 5.3 |
| 2017-04-13 | CVE-2016-8720 | Injection vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 4.3 |