Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-11 | CVE-2016-6610 | Information Exposure vulnerability in PHPmyadmin A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. | 4.0 |
| 2016-12-11 | CVE-2016-6609 | Command Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.5 |
| 2016-12-11 | CVE-2016-6608 | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
| 2016-12-11 | CVE-2016-6607 | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
| 2016-12-11 | CVE-2016-6606 | Information Exposure vulnerability in PHPmyadmin An issue was discovered in cookie encryption in phpMyAdmin. | 5.0 |
| 2016-12-10 | CVE-2016-9832 | Injection vulnerability in PWC Ace-Advanced Business Application Programming 8.10.304 PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report. | 6.5 |
| 2016-12-10 | CVE-2016-7995 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes. | 6.0 |
| 2016-12-10 | CVE-2016-7466 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. | 6.0 |
| 2016-12-10 | CVE-2016-7422 | Classic Buffer Overflow vulnerability in multiple products The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | 6.0 |
| 2016-12-10 | CVE-2016-7421 | Excessive Iteration vulnerability in multiple products The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size. | 4.4 |