Vulnerabilities > Watchguard > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-20 | CVE-2017-14615 | Cross-site Scripting vulnerability in Watchguard Fireware An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. | 6.1 |
| 2017-05-05 | CVE-2017-8060 | Improper Certificate Validation vulnerability in Watchguard Panda Mobile Security 1.1 Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | 5.9 |
| 2017-04-30 | CVE-2017-8339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Watchguard Panda Antivirus 18.0 PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver. | 5.5 |
| 2017-04-22 | CVE-2017-8056 | XXE vulnerability in Watchguard Fireware 11.0.2/11.1/11.2.1 WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. | 5.3 |
| 2017-04-22 | CVE-2017-8055 | Information Exposure Through Discrepancy vulnerability in Watchguard Fireware 11.0.2/11.1/11.2.1 WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. | 5.3 |