Browse CVEs
11,240 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2016-10127 | PySAML2 allows remote attackers to conduct XML external e... | Critical | 9.0 | Medium Risk | 03-Mar-17 | |
| CVE-2017-5946 | The Zip::File component in the rubyzip gem before 1.2.1 f... | Critical | 9.8 | Medium Risk | Patched | 27-Feb-17 |
| CVE-2016-10134 | SQL injection vulnerability in Zabbix before 2.2.14 and 3... | Critical | 9.8 | Medium Risk | Patched | 17-Feb-17 |
| CVE-2016-9814 | The validateSignature method in the SAML2\Utils class in ... | Critical | 9.1 | Medium Risk | Patched | 17-Feb-17 |
| CVE-2016-5100 | Froxlor before 0.9.35 uses the PHP rand function for rand... | Critical | 9.8 | Medium Risk | Patched | 13-Feb-17 |
| CVE-2017-5954 | An issue was discovered in the serialize-to-js package 0.... | Critical | 9.8 | Medium Risk | 10-Feb-17 | |
| CVE-2016-2403 | Symfony before 2.8.6 and 3.x before 3.0.6 allows remote a... | Critical | 9.8 | Medium Risk | Patched | 07-Feb-17 |
| CVE-2016-9639 | Salt before 2015.8.11 allows deleted minions to read or w... | Critical | 9.1 | Medium Risk | Patched | 07-Feb-17 |
| CVE-2016-7036 | python-jose before 1.3.2 allows attackers to have unspeci... | Critical | 9.8 | Medium Risk | Patched | 23-Jan-17 |
| CVE-2015-8857 | The uglify-js package before 2.4.24 for Node.js does not ... | Critical | 9.8 | Medium Risk | Patched | 23-Jan-17 |