Skip to main content
CVE-2015-7547 HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 94.0%.

Denial Of Service RCE Buffer Overflow Debian Linux Ubuntu Linux +28
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
94.0%
Threat
5.9
CVE-2016-0069 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 38.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
38.0%
CVE-2015-8286 CRITICAL POC THREAT Emergency

Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.

Information Disclosure Raysharp Firmware
NVD
CVSS 3.0
9.8
EPSS
10.8%
CVE-2016-0068 HIGH Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
35.0%
CVE-2015-8151 CRITICAL Act Now

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Encryption Management Server
NVD
CVSS 3.0
9.1
EPSS
1.6%
CVE-2016-0795 HIGH This Week

LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libreoffice Ubuntu Linux
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-0794 HIGH This Week

The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libreoffice Ubuntu Linux
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2015-8150 HIGH This Week

Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Encryption Management Server
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-8149 HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Encryption Management Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2015-8148 HIGH This Week

The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Encryption Management Server
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-1987 MEDIUM This Month

HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

HP Denial Of Service Hp Ux Ipfilter
NVD
CVSS 3.0
5.9
EPSS
2.2%
CVE-2015-5970 MEDIUM This Month

The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Zenworks Configuration Management
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2015-8287 MEDIUM This Month

Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Swnvw 470Cam Firmware Srnvw 470Lcd Firmware
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-2509 MEDIUM This Month

The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Hirschmann Firmware Hirschmann L2B
NVD
CVSS 3.0
5.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy