Skip to main content
CVE-2015-7780 MEDIUM POC THREAT This Month

Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.2%.

Path Traversal Zoho Manageengine Firewall Analyzer
NVD
CVSS 3.0
6.5
EPSS
36.2%
CVE-2015-7895 MEDIUM POC This Month

Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Authentication Bypass Samsung Samsung Mobile
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
0.3%
CVE-2015-7898 MEDIUM POC This Month

Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Authentication Bypass Samsung Samsung Mobile
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
0.2%
CVE-2015-3840 MEDIUM POC This Month

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-7522 MEDIUM This Month

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Openvpn
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-9972 MEDIUM PATCH This Month

IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Privilege Escalation Qradar Security Information And Event Manager
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2017-7521 MEDIUM This Month

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension(). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Openvpn
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2017-9257 MEDIUM This Month

The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9256 MEDIUM This Month

The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9255 MEDIUM This Month

The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9254 MEDIUM This Month

The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9253 MEDIUM This Month

The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9222 MEDIUM This Month

The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-9223 MEDIUM This Month

The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-9221 MEDIUM This Month

The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-9220 MEDIUM This Month

The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-9219 MEDIUM This Month

The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-9218 MEDIUM This Month

The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Freeware Advanced Audio Decoder 2
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2015-8697 MEDIUM This Month

stalin 0.11-5 allows local users to write to arbitrary files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Stalin
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-1234 MEDIUM PATCH This Month

IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Qradar Security Information And Event Manager
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-1328 MEDIUM PATCH This Month

IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Authentication Bypass Api Connect
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-6083 MEDIUM PATCH This Month

IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Tivoli Monitoring
NVD
CVSS 3.0
5.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy