Skip to main content
CVE-2016-5734 CRITICAL POC PATCH THREAT Act Now

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 87.0%.

RCE PHP Code Injection Phpmyadmin
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
87.0%
Threat
6.1
CVE-2016-1606 CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 56.7%.

RCE Buffer Overflow Rumba
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
56.7%
Threat
5.2
CVE-2016-5228 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 51.2%.

RCE Buffer Overflow Rumba
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
51.2%
Threat
5.0
CVE-2016-3955 CRITICAL PATCH Act Now

The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.8%.

Denial Of Service Linux Buffer Overflow Ubuntu Linux Linux Kernel +1
NVD GitHub
CVSS 3.1
9.8
EPSS
12.8%
CVE-2016-2074 CRITICAL PATCH Act Now

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Openvswitch Openshift
NVD
CVSS 3.0
9.8
EPSS
7.5%
CVE-2015-7029 CRITICAL Act Now

Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Airport Base Station Firmware
NVD
CVSS 3.0
9.8
EPSS
4.3%
CVE-2016-5703 CRITICAL PATCH Act Now

SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Leap Opensuse Phpmyadmin
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy