Skip to main content
CVE-2017-3110 HIGH PATCH This Week

Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Experience Manager
NVD
CVSS 3.0
7.5
EPSS
9.6%
CVE-2017-3107 HIGH PATCH This Week

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Experience Manager
NVD
CVSS 3.0
7.5
EPSS
9.6%
CVE-2017-3123 HIGH PATCH This Week

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2017-11263 HIGH PATCH This Week

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
8.8
EPSS
2.4%
CVE-2017-11259 HIGH PATCH This Week

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
8.8
EPSS
2.2%
CVE-2017-11232 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.4%.

Denial Of Service RCE Adobe Information Disclosure Acrobat +4
NVD
CVSS 3.0
6.5
EPSS
12.4%
CVE-2017-3118 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.0%.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader Dc +1
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2017-3091 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier versions 4.5.4 and earlier have an exploitable memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
7.5
EPSS
5.3%
CVE-2017-11280 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
7.5
EPSS
5.3%
CVE-2017-11278 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
7.5
EPSS
5.3%
CVE-2017-11277 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
7.5
EPSS
5.3%
CVE-2017-11276 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
7.5
EPSS
5.3%
CVE-2017-3122 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11265 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11258 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11255 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11252 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11249 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11248 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11246 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11245 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11244 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11243 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11242 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11239 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11238 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11236 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11233 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11230 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.1%.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
10.1%
CVE-2017-11279 HIGH PATCH This Week

Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2017-11217 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
8.8%
CVE-2017-11210 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
8.8%
CVE-2017-11209 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Adobe Acrobat Acrobat Dc +3
NVD
CVSS 3.0
6.5
EPSS
8.8%
CVE-2017-7675 HIGH PATCH This Week

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Tomcat Path Traversal Apache
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2017-3115 MEDIUM PATCH This Month

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader Dc +1
NVD
CVSS 3.0
6.5
EPSS
7.1%
CVE-2017-8259 HIGH PATCH This Week

In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Google Linux Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8273 HIGH PATCH This Week

In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qualcomm Google Linux Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8271 HIGH PATCH This Week

Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Linux Buffer Overflow Google Qualcomm Memory Corruption +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8264 HIGH PATCH This Week

A userspace process can cause a Denial of Service in the camera driver in all Qualcomm products with Android releases from CAF using the Linux kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Qualcomm Google Linux Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-1783 HIGH PATCH This Week

The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Fedora Lasso
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-6796 HIGH PATCH This Week

A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Tomcat Authentication Bypass Apache Debian Linux Oncommand Insight +12
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2017-11272 HIGH This Week

Adobe Digital Editions 4.5.4 and earlier has a security bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Digital Editions
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2015-3614 HIGH This Week

Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortimanager Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-11148 MEDIUM This Month

Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Synology Chat
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2015-3156 MEDIUM PATCH This Month

The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Redis PostgreSQL Information Disclosure Trove
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8269 MEDIUM PATCH This Month

Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Linux Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8258 MEDIUM PATCH This Month

An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow Google Qualcomm Information Disclosure +1
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-7674 MEDIUM PATCH This Month

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Tomcat Apache Information Disclosure
NVD
CVSS 3.0
4.3
EPSS
5.9%
CVE-2017-9556 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Synology Video Station
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-3615 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Privilege Escalation Fortinet Fortimanager Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy