Skip to main content
CVE-2016-9194 MEDIUM This Month

A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Wireless Lan Controller 6 0 Wireless Lan Controller 7 0 +3
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-1000307 MEDIUM This Month

Multiple Cross Site Scripting (XSS) Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via (1) profile_desc, about_me, schools,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Clipbucket
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-10319 MEDIUM PATCH This Month

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow Buffer Overflow Arm Trusted Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
0.4%
CVE-2017-7454 MEDIUM PATCH This Month

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Imageworsener
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-7453 MEDIUM PATCH This Month

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Imageworsener
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-7452 MEDIUM PATCH This Month

The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Imageworsener
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-5349 MEDIUM PATCH This Month

The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Google Qualcomm Information Disclosure Privilege Escalation +1
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2015-4673 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the collection_description parameter to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Clipbucket
NVD
CVSS 3.0
5.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy