Skip to main content
CVE-2017-7384 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in FlipBuilder Flip PDF allows remote attackers to inject arbitrary web script or HTML via the currentHTMLURL parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Flip Pdf
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-9331 MEDIUM POC PATCH This Month

The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Utils/RecordBrowser/RecordBrowserCommon_0.php, which allows remote attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS PHP Epesi
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-7999 MEDIUM This Month

Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote authenticated users with certain privileges to cause a denial of service (E2 service outage) via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Atlassian Eucalyptus
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-3127 MEDIUM This Month

A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Fortinet Fortios
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-9336 MEDIUM This Month

The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Wp Editor Md
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-9337 MEDIUM This Month

The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS vulnerability in the content of a post. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Markdown On Save Improved
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6512 MEDIUM This Month

Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Ubuntu Linux Debian Linux
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2017-9060 MEDIUM PATCH This Month

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy