Browse CVEs
11,252 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2018-9845 | Etherpad Lite before 1.6.4 is exploitable for admin access. | Critical | 9.8 | Medium Risk | Patched | 29-Apr-18 |
| CVE-2017-15691 | In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx p... | Medium | 6.5 | Medium Risk | Patched | 26-Apr-18 |
| CVE-2018-1338 | A carefully crafted (or fuzzed) file can trigger an infin... | Medium | 5.5 | Medium Risk | Patched | 25-Apr-18 |
| CVE-2018-1339 | A carefully crafted (or fuzzed) file can trigger an infin... | Medium | 5.5 | Medium Risk | Patched | 25-Apr-18 |
| CVE-2017-7893 | In SaltStack Salt before 2016.3.6, compromised salt-minio... | Critical | 9.8 | Medium Risk | Patched | 23-Apr-18 |
| CVE-2018-10225 | thinkphp 3.1.3 has SQL Injection via the index.php s para... | Critical | 9.8 | Medium Risk | 19-Apr-18 | |
| CVE-2018-8092 | Mautic before 2.13.0 allows CSV injection. | Critical | 9.8 | Medium Risk | Patched | 18-Apr-18 |
| CVE-2018-1325 | In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0... | Medium | 6.1 | Medium Risk | Patched | 18-Apr-18 |
| CVE-2017-0359 | diffoscope before 77 writes to arbitrary locations on dis... | Critical | 9.8 | Medium Risk | 13-Apr-18 | |
| CVE-2018-1275 | Spring Framework, versions 5.0 prior to 5.0.5 and version... | Critical | 9.8 | Medium Risk | Patched | 11-Apr-18 |