Skip to main content
CVE-2017-5873 MEDIUM POC This Month

Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Secure Partitioning
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-5672 MEDIUM POC This Month

Kony Enterprise Mobile Management (EMM) before 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Enterprise Mobile Management
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-7461 MEDIUM POC This Month

Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Nfc 30Ir Firmware
NVD Exploit-DB
CVSS 3.0
4.9
EPSS
7.8%
CVE-2017-7621 MEDIUM POC This Month

Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Emli
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2015-8504 MEDIUM PATCH This Month

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2014-8354 MEDIUM This Month

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2014-9837 MEDIUM PATCH This Month

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2015-8613 MEDIUM PATCH This Month

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2015-8568 MEDIUM PATCH This Month

Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service VMware Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2014-8716 MEDIUM This Month

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD
CVSS 3.0
6.2
EPSS
0.1%
CVE-2016-10259 MEDIUM This Month

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv800 Firmware Ssl Visibility Appliance Sv3800 Firmware Ssl Visibility Appliance Sv2800 Firmware
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2016-7467 MEDIUM This Month

The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager
NVD
CVSS 3.0
5.3
EPSS
1.6%
CVE-2014-8355 MEDIUM This Month

PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2017-7697 MEDIUM PATCH This Month

In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libsamplerate Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2014-8562 MEDIUM This Month

DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-5322 MEDIUM This Month

The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libtiff Debian Linux
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-5969 MEDIUM This Month

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Null Pointer Dereference Denial Of Service Libxml2
NVD
CVSS 3.0
4.7
EPSS
3.5%
CVE-2016-5011 MEDIUM PATCH This Month

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Util Linux Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server +5
NVD
CVSS 3.1
4.6
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy