Skip to main content
CVE-2017-5178 CRITICAL Act Now

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Schneider Electric Tableau Desktop Tableau Server +1
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2017-6541 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6537 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6544 MEDIUM POC This Month

Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Wuhu
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6540 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6539 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6538 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6536 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6535 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6534 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6518 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the txtFrom parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sanacms
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6533 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-0478 HIGH This Week

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD GitHub
CVSS 3.0
7.8
EPSS
6.5%
CVE-2017-0505 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
3.8%
CVE-2017-0474 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2017-0473 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0472 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0471 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0470 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0469 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0468 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0467 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0466 HIGH This Week

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0477 HIGH This Week

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0476 HIGH This Week

A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0510 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-0338 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0337 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0335 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0333 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8479 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm RCE Google Privilege Escalation Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0508 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0455 HIGH PATCH This Week

An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm RCE Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0307 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0306 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0528 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0507 HIGH PATCH This Week

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-0504 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0475 HIGH This Week

An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0480 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0506 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0503 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0502 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0501 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0500 HIGH PATCH This Week

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0479 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0522 HIGH PATCH This Week

An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0509 HIGH PATCH This Week

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Broadcom Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0481 HIGH This Week

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-6543 HIGH This Week

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Nessus Appliance
NVD
CVSS 3.0
7.3
EPSS
0.3%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy