Skip to main content
CVE-2015-7744 MEDIUM POC This Month

wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Wolfssl Leap Opensuse +1
NVD
CVSS 3.1
5.9
EPSS
2.7%
CVE-2016-1571 MEDIUM This Month

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Canonical Denial Of Service Xenserver Xen
NVD
CVSS 3.0
6.3
EPSS
0.3%
CVE-2016-1135 MEDIUM This Month

Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Wmr 300 Firmware Wex 300 Firmware Wmr 433 Firmware Bhr 4Grv2 Firmware +4
NVD
CVSS 3.0
6.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy