Skip to main content
CVE-2016-4014 HIGH POC This Week

XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service XXE SAP Java Netweaver
NVD
CVSS 3.0
8.6
EPSS
6.9%
CVE-2015-8540 HIGH PATCH Act Now

Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5%.

Buffer Overflow Enterprise Linux Desktop Supplementary Enterprise Linux Hpc Node Enterprise Linux Server Supplementary Enterprise Linux Workstation Supplementary +3
NVD VulDB
CVSS 3.0
8.8
EPSS
13.5%
CVE-2015-5343 HIGH Act Now

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Apache Subversion +1
NVD
CVSS 3.0
7.6
EPSS
19.1%
CVE-2015-8550 HIGH Act Now

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Epss exploitation probability 16.0% and no vendor patch available.

Denial Of Service Authentication Bypass Xen Suse Linux Enterprise Real Time Extension
NVD
CVSS 3.0
8.2
EPSS
16.0%
CVE-2015-8560 HIGH Act Now

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.8% and no vendor patch available.

Information Disclosure Ubuntu Linux Debian Linux Cups Filters Foomatic Filters
NVD
CVSS 3.0
7.3
EPSS
10.8%
CVE-2015-7999 HIGH This Week

Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix SQLi Command Center
NVD
CVSS 3.0
8.1
EPSS
0.5%
CVE-2016-4015 HIGH This Week

The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Java Netweaver
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2016-4017 HIGH This Week

The Data Provisioning Agent (aka DP Agent) in SAP HANA allows remote attackers to cause a denial of service (process crash) via unspecified vectors, aka SAP Security Note 2262710. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Hana
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2015-8676 HIGH This Week

Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Huawei S2350Ei Firmware S5300Ei Firmware +9
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-8554 HIGH This Week

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a. Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow Xen
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-4018 HIGH This Week

The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Hana
NVD
CVSS 3.0
7.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy