Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allows remote attackers to execute arbitrary code via a long string in the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 35.0%.
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 38.0%.
The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have a sufficiently large number of possible WPA-PSK passphrases, which makes it easier for remote attackers to obtain access via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 15.5%.
The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.
The message function in lib/webbynode/notify.rb in the Webbynode gem 1.0.5.3 and earlier for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Buffer overflow in the unpacksms16 function in apps/app_sms.c in Asterisk Open Source 1.8.x before 1.8.24.1, 10.x before 10.12.4, and 11.x before 11.6.1; Asterisk with Digiumphones 10.x-digiumphones. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.
The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not properly override pages that have an access callback set to false, which allows remote attackers to bypass intended access. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product. Rated medium severity (CVSS 4.9). No vendor patch available.
IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2, when a multi-database dataset exists, allows remote attackers to read database. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.4 SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
IBM FileNet Business Process Framework 4.1.0 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.