Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-12 | CVE-2015-7562 | Cross-site Scripting vulnerability in Teampass Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role. | 6.1 |
| 2017-04-12 | CVE-2016-8719 | Cross-site Scripting vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 6.1 |
| 2017-04-12 | CVE-2017-7742 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 5.5 |
| 2017-04-12 | CVE-2017-7741 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. | 5.5 |
| 2017-04-12 | CVE-2017-7716 | Out-of-bounds Read vulnerability in Radare Radare2 1.3.0 The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. | 5.5 |
| 2017-04-12 | CVE-2017-3125 | Cross-site Scripting vulnerability in Fortinet Fortimail An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL crafted by the attacker. | 6.1 |
| 2017-04-12 | CVE-2017-3053 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files. | 5.5 |
| 2017-04-12 | CVE-2017-3052 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format. | 5.5 |
| 2017-04-12 | CVE-2017-3046 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing. | 5.5 |
| 2017-04-12 | CVE-2017-3045 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box. | 5.5 |