Skip to main content
CVE-2017-13808 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13843 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13838 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13830 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13811 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13800 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-14020 HIGH This Week

In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Click Plc Firmware C More Plc Firmware C More Micro Firmware Gs Drives Fimware +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6803 HIGH This Week

An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Apache Information Disclosure Openoffice
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-10885 HIGH This Week

Untrusted search path vulnerability in HYPER SBI Ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hyper Sbi
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-3767 HIGH This Week

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Lenovo Audio Driver Firmware
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-16803 HIGH This Week

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Libav
NVD GitHub
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-10875 HIGH This Week

I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Lan Disk Connect Firmware
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-13820 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apple Mac Os X
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2017-13831 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
7.1
EPSS
0.2%
CVE-2017-15526 MEDIUM This Month

Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Privilege Escalation Endpoint Encryption
NVD
CVSS 3.0
6.8
EPSS
0.1%
CVE-2017-13790 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-13789 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-7739 MEDIUM This Month

A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Fortinet Fortios
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2017-13819 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Mac Os X
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2017-16792 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) before 0.13.10 allows attackers to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Geminabox
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2017-1229 MEDIUM This Month

IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Bigfix Platform
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2017-16808 MEDIUM This Month

tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2017-13782 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2017-13804 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-16805 MEDIUM This Month

In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to r_bin_dwarf_parse_comp_unit in dwarf.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13842 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13841 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13840 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13836 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13823 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13822 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13821 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13818 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-13828 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-8806 MEDIUM This Month

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Ubuntu Debian PostgreSQL
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2017-13817 MEDIUM This Month

An out-of-bounds read issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-13810 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-7113 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-16802 MEDIUM PATCH This Month

In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misp
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-16801 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Octopus Deploy 3.7.0-3.17.13 (fixed in 3.17.14) allows remote authenticated users to inject arbitrary web script or HTML via the Step Template Name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Octopus Deploy
NVD GitHub
CVSS 3.0
5.4
EPSS
0.1%
CVE-2017-13786 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
4.6
EPSS
0.1%
CVE-2017-15525 MEDIUM This Month

Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Endpoint Encryption
NVD
CVSS 3.0
4.5
EPSS
0.2%
CVE-2017-16804 MEDIUM PATCH This Month

In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is visible, which allows remote authenticated users to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Redmine Debian Linux
NVD GitHub
CVSS 3.0
4.3
EPSS
0.3%
CVE-2017-13852 LOW Monitor

An issue was discovered in certain Apple products. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.0
3.3
EPSS
0.2%
CVE-2017-13801 LOW Monitor

An issue was discovered in certain Apple products. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2017-13844 LOW Monitor

An issue was discovered in certain Apple products. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.0
2.4
EPSS
0.1%
CVE-2017-13805 LOW Monitor

An issue was discovered in certain Apple products. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.0
2.4
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy