Skip to main content
CVE-2015-3253 CRITICAL PATCH Act Now

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 69.7%.

RCE Denial Of Service Java Apache Groovy +5
NVD
CVSS 3.0
9.8
EPSS
69.7%
Threat
4.1
CVE-2015-5536 CRITICAL PATCH Act Now

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request;. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation N300 Dual Band Wi Fi Range Extender Firmware
NVD
CVSS 2.0
9.0
EPSS
3.4%
CVE-2015-5474 CRITICAL Act Now

BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Bittorrent Utorrent
NVD
CVSS 2.0
9.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy