Skip to main content
CVE-2017-6516 MEDIUM POC THREAT This Month

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Linux Privilege Escalation Sysinfo
NVD Exploit-DB
CVSS 3.0
6.7
EPSS
21.4%
CVE-2016-8017 MEDIUM POC THREAT This Month

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.1
EPSS
14.3%
CVE-2016-8025 MEDIUM POC This Month

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Intel SQLi Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.2
EPSS
1.8%
CVE-2016-8019 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Intel Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.3%
CVE-2016-10169 MEDIUM POC PATCH This Month

The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wavpack
NVD GitHub
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-10172 MEDIUM POC PATCH This Month

The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wavpack
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-10171 MEDIUM POC PATCH This Month

The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wavpack
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-10170 MEDIUM POC PATCH This Month

The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wavpack
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-8021 MEDIUM POC This Month

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Intel Jwt Attack Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
2.8%
CVE-2017-3000 MEDIUM PATCH This Month

Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.1%.

Adobe Information Disclosure Flash Player Flash Player Desktop Runtime
NVD
CVSS 3.1
6.5
EPSS
11.1%
CVE-2016-8018 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel CSRF Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
0.4%
CVE-2017-3899 MEDIUM This Month

SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel SQLi Advanced Threat Defense
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-8005 MEDIUM This Month

File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Privilege Escalation Email Gateway
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-8007 MEDIUM This Month

Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific. Rated medium severity (CVSS 6.3). No vendor patch available.

Authentication Bypass Host Intrusion Prevention Services
NVD
CVSS 3.0
6.3
EPSS
0.1%
CVE-2016-8011 MEDIUM PATCH This Month

Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control before 10.2.0.408.10 allows attackers to inject arbitrary web script or HTML via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Intel Endpoint Security Web Control
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6877 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim 0.7.1 and earlier allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Lutim
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2014-9920 MEDIUM This Month

Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Intel Microsoft Authentication Bypass Application Control
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2017-6335 MEDIUM PATCH This Month

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Graphicsmagick
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2015-8986 MEDIUM This Month

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-5957 MEDIUM PATCH This Month

Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU),. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Virglrenderer
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2013-7461 MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control Change Control
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2013-7460 MEDIUM PATCH This Month

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Authentication Bypass Application Control Change Control
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2015-8987 MEDIUM PATCH This Month

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Intel Authentication Bypass Agent
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-6883 MEDIUM PATCH This Month

The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required.

Buffer Overflow Denial Of Service Microsoft Information Disclosure Foxit Reader +1
NVD
CVSS 3.0
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy