Skip to main content
CVE-2014-2321 CRITICAL POC THREAT Emergency

web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 92.0%.

Privilege Escalation Zte F460 F660
NVD VulDB
CVSS 2.0
10.0
EPSS
92.0%
Threat
6.3
CVE-2013-3928 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 76.1%.

RCE Buffer Overflow Chasys Draw Ies
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
76.1%
Threat
5.6
CVE-2014-2299 CRITICAL POC THREAT Emergency

Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 66.9%.

Denial Of Service RCE Buffer Overflow Wireshark
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
66.9%
Threat
5.4
CVE-2013-6941 CRITICAL Act Now

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
10.0
EPSS
0.4%
CVE-2013-6207 CRITICAL Act Now

Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Sitescope
NVD VulDB
CVSS 2.0
9.4
EPSS
2.5%
CVE-2014-0100 CRITICAL PATCH Act Now

Race condition in the inet_frag_intern function in net/ipv4/inet_fragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service (use-after-free error) or possibly. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Race Condition Linux Linux Kernel
NVD VulDB
CVSS 2.0
9.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy