Skip to main content
CVE-2015-4068 CRITICAL KEV THREAT Emergency

Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 80.9%.

Denial Of Service Path Traversal
NVD VulDB
CVSS 3.1
9.1
EPSS
80.9%
Threat
5.7
CVE-2014-9727 CRITICAL POC THREAT Emergency

AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 87.8%.

Command Injection Fritz Box
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
87.8%
Threat
6.1
CVE-2015-4031 CRITICAL Emergency

Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining NetChart allows remote attackers to write to arbitrary files via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.2% and no vendor patch available.

Path Traversal Netcharts Server
NVD
CVSS 2.0
10.0
EPSS
34.2%
CVE-2015-4060 CRITICAL Act Now

Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro allows remote attackers to execute arbitrary code via a large HTTP header. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.0% and no vendor patch available.

RCE Buffer Overflow Connectpro
NVD
CVSS 2.0
10.0
EPSS
15.0%
CVE-2015-4059 CRITICAL Act Now

Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation (TE) allows remote attackers to execute arbitrary code via a large HTTP header. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.0% and no vendor patch available.

RCE Buffer Overflow Terminal Emulation
NVD
CVSS 2.0
10.0
EPSS
15.0%
CVE-2015-4067 CRITICAL Act Now

Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.8% and no vendor patch available.

RCE Buffer Overflow Dell Netvault Backup
NVD
CVSS 2.0
10.0
EPSS
10.8%
CVE-2015-4032 CRITICAL Act Now

projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers to rename arbitrary files, and consequently execute them, via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Netcharts Server
NVD
CVSS 2.0
10.0
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy