Skip to main content
CVE-2017-0705 MEDIUM POC This Month

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Broadcom Google Information Disclosure Android
NVD GitHub
CVSS 3.0
6.8
EPSS
0.1%
CVE-2017-10975 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Lutim before 0.8 might allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in an upload notification. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lutim
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-0706 MEDIUM This Month

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Broadcom Google Android
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-1236 MEDIUM This Month

IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM Websphere Mq
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-10972 MEDIUM PATCH This Month

Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure X Server
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-10973 MEDIUM This Month

In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP Finecms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8932 MEDIUM PATCH This Month

A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Go Suse Package Hub For Suse Linux Enterprise Fedora Leap
NVD GitHub
CVSS 3.0
5.9
EPSS
1.5%
CVE-2017-10967 MEDIUM This Month

In FineCMS before 2017-07-06, application\core\controller\config.php allows XSS in the (1) key_name, (2) key_value, and (3) meaning parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Finecms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-0691 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0708 MEDIUM This Month

A information disclosure vulnerability in the HTC sound driver. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0699 MEDIUM This Month

A information disclosure vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0698 MEDIUM This Month

A information disclosure vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0669 MEDIUM This Month

A information disclosure vulnerability in the Android framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0668 MEDIUM This Month

A information disclosure vulnerability in the Android framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0690 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0672 MEDIUM This Month

A denial of service vulnerability in the Android libraries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0697 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0696 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0695 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google Denial Of Service Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0694 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0693 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0692 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0689 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0688 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0686 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0685 MEDIUM This Month

A denial of service vulnerability in the Android media framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0670 MEDIUM This Month

A denial of service vulnerability in the Android framework. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-10970 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Cacti
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy