Skip to main content
CVE-2012-6697 HIGH PATCH This Week

InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Inspircd Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2015-4646 HIGH This Week

(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Squashfs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2016-10326 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-10325 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-7853 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2013-6648 HIGH PATCH This Week

SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Skia
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-1132 HIGH This Week

Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Shoplat
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-2567 LOW POC Monitor

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Samsung Galaxy S6 Firmware Galaxy Note 3 Firmware
NVD GitHub
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-2565 LOW POC Monitor

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Samsung Information Disclosure Galaxy S6 Firmware
NVD GitHub
CVSS 3.0
3.3
EPSS
0.1%
CVE-2015-8345 MEDIUM PATCH This Month

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2015-8864 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Leap Opensuse Roundcube Webmail Webmail
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-4068 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Leap Opensuse Roundcube Webmail Webmail
NVD GitHub
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-2104 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Red Hat Satellite
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-7626 MEDIUM PATCH This Month

The "Smart related articles" extension 1.1 for Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Smart Related Articles
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-7565 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.10.x, 1.11.x before 1.11.4, 1.12.x before 1.12.2, 1.13.x before 1.13.12, 2.0.x before 2.0.3, 2.1.x before 2.1.2, and 2.2.x before. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Ember Js
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-7854 MEDIUM PATCH This Month

The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2015-7740 MEDIUM This Month

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Huawei P7 Firmware P8 Ale Ul00 Firmware
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2015-8223 MEDIUM This Month

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Huawei P7 Firmware P8 Ale Ul00 Firmware
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2014-3887 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Rockdisk Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-3106 MEDIUM PATCH This Month

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Race Condition Information Disclosure Pulp
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-7627 MEDIUM PATCH This Month

The "Smart related articles" extension 1.1 for Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Smart Related Articles
NVD GitHub
CVSS 3.0
5.3
EPSS
0.2%
CVE-2015-1839 MEDIUM PATCH This Month

modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Information Disclosure Salt Fedora
NVD GitHub
CVSS 3.0
5.3
EPSS
0.1%
CVE-2015-1838 MEDIUM PATCH This Month

modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Information Disclosure Salt Fedora
NVD GitHub
CVSS 3.0
5.3
EPSS
0.1%
CVE-2016-10118 LOW Monitor

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
3.3
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy