Skip to main content
CVE-2017-8219 MEDIUM POC This Month

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure C2 Firmware C20I Firmware
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-8217 MEDIUM POC This Month

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Authentication Bypass C2 Firmware C20I Firmware
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-7989 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload Joomla
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2017-7985 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Joomla
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-7987 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Joomla
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2017-7986 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Joomla
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2017-7984 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Joomla
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2017-8115 MEDIUM This Month

Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote attackers to obtain system directory information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP Modx Revolution
NVD GitHub
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-8057 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Joomla
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2017-7983 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Joomla
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2017-7988 MEDIUM PATCH This Month

In Joomla!. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Joomla
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2017-5625 MEDIUM This Month

In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Oxygenos
NVD
CVSS 3.0
4.6
EPSS
0.1%
CVE-2016-8030 MEDIUM PATCH This Month

A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Virusscan Enterprise
NVD
CVSS 3.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy