Skip to main content
CVE-2017-17649 MEDIUM POC This Month

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP Readymade Video Sharing Script
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.3%
CVE-2017-17737 MEDIUM POC This Month

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 4K242 Firmware
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-14583 MEDIUM This Month

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Clustered Data Ontap
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-17741 MEDIUM PATCH This Month

The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Buffer Overflow Linux Information Disclosure Linux Kernel Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-12630 MEDIUM PATCH This Month

In Apache Drill 1.11.0 and earlier when submitting form from Query page users are able to pass arbitrary script or HTML which will take effect on Profile page afterwards. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Drill
NVD
CVSS 3.0
5.4
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy