Skip to main content
CVE-2017-11611 MEDIUM POC This Month

Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wolf Cms
NVD GitHub
CVSS 3.0
5.4
EPSS
1.3%
CVE-2017-9095 MEDIUM POC This Month

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Diving Log
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.8%
CVE-2017-11162 MEDIUM This Month

Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Synology Photo Station
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-12071 MEDIUM This Month

Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Synology PHP Photo Station
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-0792 MEDIUM This Month

A information disclosure vulnerability in the Broadcom wi-fi driver. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Broadcom Google Information Disclosure Android
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-0779 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android media framework (audioflinger). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0793 MEDIUM This Month

A information disclosure vulnerability in the N/A memory subsystem. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0777 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android media framework (n/a). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0776 MEDIUM PATCH This Month

A information disclosure vulnerability in the Android media framework (n/a). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0780 MEDIUM PATCH This Month

A denial of service vulnerability in the Android runtime (android messenger). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0775 MEDIUM PATCH This Month

A denial of service vulnerability in the Android media framework (libstagefright). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0774 MEDIUM PATCH This Month

A denial of service vulnerability in the Android media framework (libstagefright). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0773 MEDIUM PATCH This Month

A denial of service vulnerability in the Android media framework (libhevc). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0772 MEDIUM PATCH This Month

A denial of service vulnerability in the Android media framework (libavc). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0771 MEDIUM PATCH This Month

A denial of service vulnerability in the Android media framework (libskia). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy