Skip to main content
CVE-2017-1310 MEDIUM PATCH This Month

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow IBM Informix Dynamic Server
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-3750 MEDIUM This Month

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Google Privilege Escalation Lenovo Android
NVD
CVSS 3.0
6.4
EPSS
0.0%
CVE-2017-3749 MEDIUM This Month

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Google Privilege Escalation Lenovo Android
NVD
CVSS 3.0
6.4
EPSS
0.0%
CVE-2017-10673 MEDIUM PATCH This Month

admin/profile.php in GetSimple CMS 3.x has XSS in a name field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Getsimple Cms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2017-10667 MEDIUM This Month

In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Zen Cart
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-8575 MEDIUM PATCH This Month

The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Microsoft Graphics. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.5
EPSS
2.1%
CVE-2017-3747 MEDIUM This Month

Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Lenovo Nerve Center
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8554 MEDIUM PATCH This Month

The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
1.3%
CVE-2017-5529 MEDIUM This Month

JasperReports library components contain an information disclosure vulnerability. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jasperreports Library Community Edition Jasperreports Library For Activematrix Bpm Jasperreports Professional Jasperreports Server +5
NVD
CVSS 3.0
4.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy