Skip to main content
CVE-2016-10701 HIGH This Week

In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists in the Business Analytics application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pentaho Business Analytics
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17045 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-8001 HIGH This Week

An issue was discovered in EMC ScaleIO 2.0.1.x. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emc Scaleio
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2017-8019 HIGH This Week

An issue was discovered in EMC ScaleIO 2.0.1.x. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Scaleio
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2017-17042 HIGH PATCH This Week

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Yard
NVD GitHub
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-15673 HIGH This Week

The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Cs Cart
NVD
CVSS 3.0
7.2
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy