Skip to main content
CVE-2017-11503 MEDIUM POC PATCH This Month

PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Phpmailer
NVD GitHub
CVSS 3.0
6.1
EPSS
2.9%
CVE-2017-7060 MEDIUM POC This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Safari Iphone Os
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2017-0378 MEDIUM POC This Month

XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Phamm
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-7064 MEDIUM POC This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Apple Authentication Bypass Itunes Safari +2
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
3.3%
CVE-2017-10676 MEDIUM POC This Month

On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS D-Link Dir 600M Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-7038 MEDIUM This Month

A DOMParser XSS issue was discovered in certain Apple products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Iphone Os Tvos +1
NVD
CVSS 3.0
6.1
EPSS
5.6%
CVE-2017-7011 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Iphone Os
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2017-2517 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-11478 MEDIUM PATCH This Month

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-7059 MEDIUM This Month

A DOMParser XSS issue was discovered in certain Apple products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Iphone Os Tvos
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-11501 MEDIUM PATCH This Month

NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Nixos
NVD GitHub
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-7029 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-7028 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-7067 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-7045 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Apple Authentication Bypass Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-7036 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Intel Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-7006 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Safari Iphone Os Tvos +1
NVD
CVSS 3.0
5.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy