Skip to main content
CVE-2017-16893 MEDIUM This Month

The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Piwigo
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-14953 MEDIUM This Month

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hikvision Ds 2Cd2432F Iw Firmware
NVD
CVSS 3.0
6.5
EPSS
0.0%
CVE-2017-15707 MEDIUM PATCH This Month

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Apache Information Disclosure Struts Oncommand Balance Agile Plm Framework +9
NVD
CVSS 3.0
6.2
EPSS
1.5%
CVE-2017-6679 MEDIUM This Month

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in. Rated medium severity (CVSS 6.4). No vendor patch available.

Cisco Information Disclosure Umbrella
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2017-3104 MEDIUM This Month

Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Robohelp
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2017-11285 MEDIUM PATCH This Month

Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Adobe Coldfusion
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2017-3105 MEDIUM This Month

Adobe RoboHelp has an Open Redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Adobe Robohelp
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2017-17087 MEDIUM PATCH This Month

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Vim Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2017-16611 MEDIUM PATCH This Month

In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Debian Linux Ubuntu Linux Libxfont
NVD
CVSS 3.1
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy