Skip to main content
CVE-2016-7419 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server before 9.0.4 and Nextcloud Server before 9.0.52 allows remote authenticated users to inject. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Nextcloud Nextcloud Server Owncloud
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-6644 MEDIUM This Month

EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Documentum D2
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-6401 MEDIUM This Month

Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Cisco Denial Of Service Carrier Routing System
NVD
CVSS 3.0
5.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy