Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-1517 Improper Input Validation vulnerability in Opencv 3.0.0
OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks.
local
low complexity
opencv CWE-20
5.5
5.5
2017-04-10 CVE-2015-8276 Information Exposure vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3
LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files.
local
low complexity
eparaksts CWE-200
5.5
5.5
2017-04-10 CVE-2015-8275 Improper Access Control vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3
LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files.
local
low complexity
eparaksts CWE-284
5.5
5.5
2017-04-10 CVE-2015-7275 Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS.
network
low complexity
dell CWE-79
6.1
6.1
2017-04-10 CVE-2015-6035 Cross-site Scripting vulnerability in Opsview
Opsview before 2015-11-06 has XSS via SNMP.
network
low complexity
opsview CWE-79
6.1
6.1
2017-04-10 CVE-2015-6027 Cross-site Scripting vulnerability in Castlerock Snmpc 12.1/9.0
Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP.
network
low complexity
castlerock CWE-79
6.1
6.1
2017-04-10 CVE-2015-6021 Cross-site Scripting vulnerability in Spiceworks Desktop
Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response.
network
low complexity
spiceworks CWE-79
6.1
6.1
2017-04-10 CVE-2015-2883 Cross-site Scripting vulnerability in Philips In.Sight B12037
Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php.
network
low complexity
philips CWE-79
5.4
5.4
2017-04-09 CVE-2017-7613 Improper Input Validation vulnerability in multiple products
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
local
low complexity
elfutils-project debian canonical CWE-20
5.5
5.5
2017-04-09 CVE-2017-7612 Out-of-bounds Read vulnerability in multiple products
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
local
low complexity
elfutils-project debian canonical CWE-125
5.5
5.5