Skip to main content
CVE-2014-9844 MEDIUM PATCH This Month

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Studio Onsite Opensuse +8
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2014-9845 MEDIUM PATCH This Month

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Studio Onsite Leap Opensuse +7
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-5956 MEDIUM PATCH This Month

The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Virglrenderer
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-5987 MEDIUM PATCH This Month

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-1146 MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-9694 MEDIUM PATCH This Month

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Rhapsody Design Manager
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-9696 MEDIUM PATCH This Month

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Rhapsody Design Manager
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-1610 MEDIUM This Month

hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation L2Switch
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-6356 MEDIUM This Month

Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Terminal Services Agent
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2017-1155 MEDIUM PATCH This Month

IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Algo One
NVD
CVSS 3.0
4.3
EPSS
0.5%
CVE-2016-8973 MEDIUM PATCH This Month

IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an authenticated user to upload infected malicious files to the server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

IBM File Upload Rational Rhapsody Design Manager
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-2406 MEDIUM This Month

The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Huawei Information Disclosure Document Security Management
NVD
CVSS 3.0
4.3
EPSS
0.1%
CVE-2016-9697 LOW PATCH Monitor

An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Rhapsody Design Manager
NVD
CVSS 3.0
3.1
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy