Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-1000128 | Cross-site Scripting vulnerability in Anti-Plagiarism Project Anti-Plagiarism 3.60 Reflected XSS in wordpress plugin anti-plagiarism v3.60 | 4.3 |
| 2016-10-10 | CVE-2016-1000127 | Cross-site Scripting vulnerability in Ajax-Random-Post Project Ajax-Random-Post 2.00 Reflected XSS in wordpress plugin ajax-random-post v2.00 | 4.3 |
| 2016-10-10 | CVE-2016-1000126 | Cross-site Scripting vulnerability in Admin-Font-Editor Project Admin-Font-Editor 1.8 Reflected XSS in wordpress plugin admin-font-editor v1.8 | 4.3 |
| 2016-10-10 | CVE-2016-7423 | Unspecified vulnerability in Qemu The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors involving MPTSASRequest objects. | 4.4 |
| 2016-10-10 | CVE-2016-7099 | Data Processing Errors vulnerability in multiple products The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | 4.3 |
| 2016-10-10 | CVE-2016-5325 | HTTP Response Splitting vulnerability in multiple products CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument. | 4.3 |
| 2016-10-10 | CVE-2016-6689 | Information Exposure vulnerability in Google Android Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347. | 4.3 |
| 2016-10-10 | CVE-2016-6688 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080. | 4.3 |
| 2016-10-10 | CVE-2016-6687 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222. | 4.3 |
| 2016-10-10 | CVE-2016-6686 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101. | 4.3 |