Skip to main content
CVE-2015-8787 CRITICAL PATCH Act Now

The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Null Pointer Dereference Linux Kernel
NVD GitHub
CVSS 3.1
9.8
EPSS
5.7%
CVE-2015-3252 CRITICAL Act Now

Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Cloudstack
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2016-2230 CRITICAL Act Now

OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier for remote attackers to obtain access via an SSH session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Openelec
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2015-8360 CRITICAL PATCH Act Now

An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian RCE Java Bamboo
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2014-9757 CRITICAL PATCH Act Now

The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian RCE Java Bamboo
NVD
CVSS 3.0
9.8
EPSS
0.8%
CVE-2015-8361 CRITICAL PATCH Act Now

Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian Authentication Bypass Bamboo
NVD
CVSS 3.0
9.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy