Multiple cross-site scripting (XSS) vulnerabilities in WebProcess.srv in IBM TRIRIGA Application Platform 3.2.x and 3.3.x before 3.3.1.2 allow remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
IBM
XSS
Tririga Application Platform
NVD
CVSS 2.0
3.5
EPSS
0.2%
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a. Rated low severity (CVSS 1.9).
Denial Of Service
Libvirt
Opensuse
NVD
CVSS 2.0
1.9
EPSS
0.1%