Skip to main content
CVE-2015-4409 MEDIUM PATCH This Month

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Hikvision Ds 76Xxx Series Firmware Ds 77Xxx Series Firmware
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2015-4408 MEDIUM PATCH This Month

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Hikvision Ds 76Xxx Series Firmware Ds 77Xxx Series Firmware
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2015-4407 MEDIUM PATCH This Month

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Hikvision Ds 76Xxx Series Firmware Ds 77Xxx Series Firmware
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2014-3926 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Lg
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2017-6807 MEDIUM PATCH This Month

mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Mod Auth Mellon
NVD GitHub
CVSS 3.0
6.1
EPSS
0.4%
CVE-2017-5621 MEDIUM This Month

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5620 MEDIUM This Month

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-6671 MEDIUM PATCH This Month

Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Edx Platform
NVD GitHub
CVSS 3.1
5.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy