Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2015-0572 | Race Condition vulnerability in Linux Kernel Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call. | 4.4 |
| 2016-10-07 | CVE-2016-1000007 | Cross-site Scripting vulnerability in Redhat Pagure 2.2.1 Pagure 2.2.1 XSS in raw file endpoint | 4.3 |
| 2016-10-07 | CVE-2016-1000001 | Open Redirect vulnerability in Flask-Oidc Project Flask-Oidc 0.1.0/0.1.1/0.1.2 flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect | 5.8 |
| 2016-10-07 | CVE-2016-7424 | NULL Pointer Dereference vulnerability in multiple products The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. | 5.5 |
| 2016-10-07 | CVE-2016-6273 | Denial of Service vulnerability in Citrix License Server and License Server VPX The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1, as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX before 11.14.0.1, allows remote attackers to cause a denial of service (crash) via a type 2F packet with a '01 19' opcode. | 5.0 |
| 2016-10-07 | CVE-2015-2080 | Information Exposure vulnerability in multiple products The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak. | 5.0 |
| 2016-10-06 | CVE-2016-1000114 | Cross-site Scripting vulnerability in Huge-It Gallery 1.1.5 XSS in huge IT gallery v1.1.5 for Joomla | 4.3 |
| 2016-10-06 | CVE-2016-1000009 | 7PK - Security Features vulnerability in Tp-Link TP-LINK lost control of two domains, www.tplinklogin.net and tplinkextender.net. | 5.0 |
| 2016-10-06 | CVE-2015-1000013 | Unrestricted Upload of File with Dangerous Type vulnerability in Csv2Wpec-Coupon Project Csv2Wpec-Coupon 1.1 Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1 | 5.0 |
| 2016-10-06 | CVE-2015-1000012 | Information Exposure vulnerability in Mypixs Project Mypixs 0.3 Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin | 5.0 |