Skip to main content
CVE-2017-14988 MEDIUM This Month

Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openexr
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-14770 MEDIUM This Month

Skybox Manager Client Application prior to 8.5.501 is prone to an information disclosure vulnerability of user password hashes. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Skybox Manager Client Application
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-14771 MEDIUM This Month

Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

File Upload Skybox Manager Client Application
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-1429 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1369 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1364 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1359 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1335 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1334 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1324 MEDIUM This Month

IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Engineering Lifecycle Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1345 MEDIUM This Month

IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Insights Foundation For Energy
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-9537 MEDIUM This Month

Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Network Performance Monitor
NVD
CVSS 3.0
4.8
EPSS
1.3%
CVE-2017-14772 LOW Monitor

Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Skybox Manager Client Application
NVD
CVSS 3.0
3.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy