Latest CVE Feed
-
7.4
HIGHCVE-2017-2912
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An attacker can... Read more
- EPSS Score: %0.14
- Published: Nov. 07, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-2889
An exploitable Denial of Service vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A large amount of simultaneous TCP connections causes the APID daemon to repeatedly fork, causing the daemon to run out of memory and tri... Read more
- EPSS Score: %0.37
- Published: Nov. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-4906
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.... Read more
Affected Products : garoon- EPSS Score: %0.32
- Published: Jun. 09, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2015-9072
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.... Read more
Affected Products : android- EPSS Score: %0.13
- Published: Aug. 18, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-2819
An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which... Read more
- EPSS Score: %0.64
- Published: May. 24, 2017
- Modified: Apr. 20, 2025
-
8.3
HIGHCVE-2017-2797
An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6.... Read more
Affected Products : marklogic- EPSS Score: %0.26
- Published: May. 23, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2017-2785
An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execut... Read more
Affected Products : popup- EPSS Score: %16.09
- Published: Mar. 10, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2016-4830
Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates.... Read more
Affected Products : sushiro- EPSS Score: %0.58
- Published: Apr. 21, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2015-9067
In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.... Read more
Affected Products : android- EPSS Score: %0.15
- Published: Aug. 18, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2015-9061
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.... Read more
Affected Products : android- EPSS Score: %0.15
- Published: Aug. 18, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-2709
HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to ... Read more
- EPSS Score: %0.08
- Published: Nov. 22, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-2704
Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawe... Read more
Affected Products : smarthome hiapp hwparentcontrol hwparentcontrolparent crowdtest hiwallet huawei_pay skytone hwclouddrive\(emui6.0\) hwphonefinder\(emui6.0\) +4 more products- EPSS Score: %0.08
- Published: Nov. 22, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2015-8831
Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.... Read more
Affected Products : dotclear- EPSS Score: %0.93
- Published: Feb. 09, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2015-8814
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.... Read more
- EPSS Score: %0.11
- Published: Mar. 03, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-4547
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.... Read more
Affected Products : samsung_mobile- EPSS Score: %0.56
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-2213
Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more
Affected Products : semidynaexe- EPSS Score: %0.14
- Published: Jun. 09, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2015-8667
Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email.... Read more
Affected Products : exponent_cms- EPSS Score: %0.23
- Published: Jan. 18, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-4460
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.... Read more
Affected Products : pony_mail- EPSS Score: %0.09
- Published: Aug. 22, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2015-8593
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.... Read more
Affected Products : android- EPSS Score: %0.18
- Published: Aug. 18, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-2325
A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.... Read more
Affected Products : northstar_controller- EPSS Score: %0.49
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025