Skip to main content
CVE-2017-11705 MEDIUM POC This Month

A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ming
NVD GitHub
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-11703 MEDIUM POC This Month

A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ming
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-11704 MEDIUM POC This Month

A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Ming
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-11716 MEDIUM POC This Month

MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Metinfo
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-11718 MEDIUM POC This Month

There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect PHP Metinfo
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-11647 MEDIUM POC This Month

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS 4Gt101W Software 4Gt101W Bootloader
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-5191 MEDIUM This Month

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Rated medium severity (CVSS 6.7). No vendor patch available.

Race Condition VMware Privilege Escalation Tools
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-11722 MEDIUM PATCH This Month

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Graphicsmagick
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-6260 MEDIUM This Month

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Nvidia Microsoft Gpu Driver
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2017-6259 MEDIUM This Month

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Nvidia Gpu Driver
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2017-11183 MEDIUM This Month

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Glpi
NVD GitHub
CVSS 3.0
4.9
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy