Skip to main content
CVE-2017-9416 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

Path Traversal Odoo
NVD GitHub
CVSS 3.0
6.5
EPSS
16.3%
CVE-2012-6705 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jamroom
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2014-9983 MEDIUM POC This Month

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Rar
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-3740 MEDIUM This Month

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Lenovo Active Protection System
NVD
CVSS 3.0
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy