Skip to main content
CVE-2017-6541 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6537 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6544 MEDIUM POC This Month

Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Wuhu
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6540 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6539 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6538 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6536 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6535 MEDIUM POC This Month

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6534 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6518 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the txtFrom parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sanacms
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6533 MEDIUM POC This Month

A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Webpagetest
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-0488 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0487 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0486 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0485 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0484 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0483 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0482 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-8483 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0336 MEDIUM PATCH This Month

An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nvidia Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0334 MEDIUM PATCH This Month

An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nvidia Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0494 MEDIUM This Month

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0529 MEDIUM PATCH This Month

An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0495 MEDIUM This Month

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0489 MEDIUM This Month

An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0490 MEDIUM This Month

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0499 MEDIUM This Month

A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0496 MEDIUM PATCH This Month

A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0492 MEDIUM This Month

An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0491 MEDIUM This Month

An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9985 MEDIUM PATCH This Month

IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Cognos Business Intelligence
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0498 MEDIUM This Month

A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-9006 MEDIUM This Month

IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Urbancode Deploy
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-5894 MEDIUM PATCH This Month

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Commerce
NVD
CVSS 3.0
5.1
EPSS
0.1%
CVE-2017-0537 MEDIUM PATCH This Month

An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0534 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0533 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0531 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0461 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0459 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8413 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8477 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0536 MEDIUM PATCH This Month

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0535 MEDIUM PATCH This Month

An information disclosure vulnerability in the HTC sound codec driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0452 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8478 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8416 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0497 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2017-0532 MEDIUM PATCH This Month

An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2016-5933 MEDIUM This Month

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Tivoli Monitoring
NVD
CVSS 3.0
4.6
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy