Skip to main content
CVE-2017-17043 MEDIUM POC This Month

The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Emag Marketplace Connector
NVD
CVSS 3.0
6.1
EPSS
4.0%
CVE-2017-16951 MEDIUM POC This Month

Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Winamp Pro
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
1.5%
CVE-2017-16952 MEDIUM POC This Month

KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Kmplayer
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
1.3%
CVE-2017-14389 MEDIUM This Month

An issue was discovered in Cloud Foundry Foundation capi-release (all versions prior to 1.45.0), cf-release (all versions prior to v280), and cf-deployment (all versions prior to v1.0.0). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Capi Release Cf Deployment Cf Release
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2017-17046 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-17044 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-10702 MEDIUM This Month

Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pebble Firmware
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-14379 MEDIUM This Month

EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Rsa Authentication Manager
NVD
CVSS 3.0
5.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy