Skip to main content
CVE-2017-3631 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2017-3630 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Memory Corruption Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2017-2782 MEDIUM POC This Month

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Matrixssl
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-9775 MEDIUM PATCH This Month

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Poppler Debian Linux Enterprise Linux Desktop +5
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-9815 MEDIUM This Month

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libtiff Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-9982 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-9747 MEDIUM PATCH This Month

IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Engineering Lifecycle Manager Rational Collaborative Lifecycle Management
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9983 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-1326 MEDIUM PATCH This Month

IBM Sterling File Gateway does not properly restrict user requests based on permission level. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

IBM Privilege Escalation Sterling B2b Integrator
NVD
CVSS 3.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy