Skip to main content
CVE-2017-15946 CRITICAL POC Act Now

In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Tag Meta
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-15949 HIGH POC This Week

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Xavier
NVD
CVSS 3.0
7.2
EPSS
0.2%
CVE-2017-15947 MEDIUM POC This Month

Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simple Asc Content Management System
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2017-15948 MEDIUM POC This Month

Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS File Upload Perch
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2017-15951 HIGH PATCH This Week

The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2017-15954 MEDIUM PATCH This Month

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Debian Linux Bchunk
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-15953 MEDIUM PATCH This Month

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Debian Linux Bchunk
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-15955 MEDIUM PATCH This Month

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Debian Linux Bchunk
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy