Skip to main content
CVE-2017-12921 MEDIUM This Month

PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Libfpx
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-12920 MEDIUM This Month

CDirectory::GetDirEntry in dir.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Libfpx
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-12925 MEDIUM This Month

Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libfpx
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-12924 MEDIUM This Month

CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted fpx image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libfpx
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-12876 MEDIUM PATCH This Month

Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2015-2046 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Mantisbt
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2014-9557 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smartcms
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2014-9469 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vbulletin
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2014-4925 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Google Good For Enterprise
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2014-0141 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Red Hat Satellite
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2013-7430 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Googlemaps plugin before 3.1 for Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Googlemaps
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-0101 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Business Process Manager
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2014-8168 MEDIUM This Month

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Red Hat Satellite
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2017-13716 MEDIUM PATCH This Month

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Binutils
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2015-3976 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Multilink Ml810 Firmware Multilink Ml3000 Firmware Multilink Ml3100 Firmware Multilink Ml800 Firmware +3
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-12077 MEDIUM This Month

Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Synology Router Manager
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2017-12076 MEDIUM This Month

Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Synology Diskstation Manager
NVD
CVSS 3.0
4.9
EPSS
0.5%
CVE-2015-0233 MEDIUM This Month

Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 389 Administration Server
NVD
CVSS 3.0
4.2
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy