Skip to main content
CVE-2017-6394 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR 5.0.0 and 5.0.1-dev. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Openemr
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2017-6396 MEDIUM POC PATCH This Month

An issue was discovered in WPO-Foundation WebPageTest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6102 MEDIUM POC This Month

Persistent XSS in wordpress plugin rockhoist-badges v1.2.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Rockhoist Badges Plugin
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6397 MEDIUM POC This Month

An issue was discovered in FlightAirMap v1.0-beta.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Flightairmap
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2016-9892 MEDIUM POC This Month

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Eset Apple RCE Endpoint Antivirus Endpoint Security
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-10060 MEDIUM PATCH This Month

The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2017-6402 MEDIUM This Month

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Netbackup Netbackup Appliance
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-6393 MEDIUM PATCH This Month

An issue was discovered in NagVis 1.9b12. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Nagvis
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6392 MEDIUM PATCH This Month

An issue was discovered in Kaltura server Lynx-12.11.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Kaltura Server
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6391 MEDIUM PATCH This Month

An issue was discovered in Kaltura server Lynx-12.11.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Kaltura Server
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6390 MEDIUM PATCH This Month

An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Whatanime Ga
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6395 MEDIUM PATCH This Month

An issue was discovered in HashOver 2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Hashover
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6103 MEDIUM This Month

Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Anyvar
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-10228 MEDIUM This Month

The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Glibc
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2016-10068 MEDIUM PATCH This Month

The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Imagemagick Leap
NVD GitHub
CVSS 3.0
5.5
EPSS
0.8%
CVE-2016-10069 MEDIUM PATCH This Month

coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Imagemagick Leap
NVD GitHub
CVSS 3.0
5.5
EPSS
0.6%
CVE-2016-10071 MEDIUM PATCH This Month

coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2016-10062 MEDIUM This Month

The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2017-6410 MEDIUM PATCH This Month

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Kdelibs Kio
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-6387 MEDIUM PATCH This Month

The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-6415 MEDIUM PATCH This Month

The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Radare2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2017-6404 MEDIUM This Month

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Netbackup Netbackup Appliance
NVD
CVSS 3.0
5.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy