Browse CVEs
11,240 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2016-9451 | Confirmation forms in Drupal 7.x before 7.52 make it easi... | Medium | 6.8 | Medium Risk | Patched | 25-Nov-16 |
| CVE-2016-8579 | docker2aci <= 0.12.3 has an infinite loop when handling l... | Medium | 4.0 | Medium Risk | Patched | 28-Oct-16 |
| CVE-2016-1000031 | Apache Commons FileUpload before 1.3.3 DiskFileItem File ... | Critical | 9.8 | Medium Risk | Patched | 25-Oct-16 |
| CVE-2016-4436 | Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allo... | Critical | 9.8 | Medium Risk | Patched | 03-Oct-16 |
| CVE-2016-7405 | The qstr method in the PDO driver in the ADOdb Library fo... | Critical | 9.8 | Medium Risk | Patched | 03-Oct-16 |
| CVE-2016-5019 | CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0... | Critical | 9.8 | Medium Risk | Patched | 03-Oct-16 |
| CVE-2015-1832 | XML external entity (XXE) vulnerability in the SqlXmlUtil... | Critical | 9.1 | Medium Risk | Patched | 03-Oct-16 |
| CVE-2016-6637 | Multiple cross-site request forgery (CSRF) vulnerabilitie... | Critical | 9.6 | Medium Risk | Patched | 30-Sep-16 |
| CVE-2016-7191 | The Microsoft Azure Active Directory Passport (aka Passpo... | High | 8.1 | Medium Risk | Patched | 28-Sep-16 |
| CVE-2016-4978 | The getObject method of the javax.jms.ObjectMessage class... | High | 7.2 | Medium Risk | Patched | 27-Sep-16 |