Skip to main content
CVE-2016-1887 HIGH POC This Week

Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Freebsd
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-1886 HIGH POC PATCH This Week

Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Freebsd
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-8853 HIGH Act Now

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.0% and no vendor patch available.

Denial Of Service Fedora Perl
NVD
CVSS 3.0
7.5
EPSS
14.0%
CVE-2016-1406 HIGH This Week

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Evolved Programmable Network Manager Prime Infrastructure
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-1383 HIGH This Week

Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Appliance Wsa
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-1381 HIGH This Week

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Appliance
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-1407 HIGH This Week

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service Ios Xr
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2016-1400 HIGH This Week

Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Telepresence Video Communication Server
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-1380 HIGH This Week

Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-1382 HIGH This Week

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Appliance Wsa
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-4020 MEDIUM PATCH This Month

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Debian Linux Openstack +7
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2014-3672 MEDIUM This Month

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Libvirt Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-4575 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Huawei Ath Firmware Ath Rio Firmware +3
NVD
CVSS 3.0
6.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy