Skip to main content
CVE-2017-14971 MEDIUM POC This Month

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Infocus Mondopad
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-15185 MEDIUM POC This Month

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmp3Splt
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
0.2%
CVE-2017-14973 MEDIUM This Month

IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is vulnerable to Stored Cross-Site Scripting (XSS) via the notes field in /~user_handler?file=logged_in.shtm (aka the edit user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Two Reader Controller Configuration Manager
NVD
CVSS 3.0
5.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy