Skip to main content
CVE-2016-1336 HIGH POC THREAT Act Now

goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 31.8%.

Cisco Denial Of Service Epc3928 Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
31.8%
Threat
4.0
CVE-2016-1328 HIGH POC THREAT Act Now

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

Cisco Denial Of Service Epc3928 Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
23.2%
CVE-2016-4997 HIGH POC PATCH Act Now

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Privilege Escalation Linux Buffer Overflow Linux Kernel +9
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
4.8%
CVE-2016-4998 HIGH POC PATCH Act Now

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Buffer Overflow Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 3.0
7.1
EPSS
1.5%
CVE-2016-3989 HIGH POC This Week

The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ntp Server Firmware Ims Lantime M1000 Ims Lantime M3000 Ims Lantime M500 +8
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
9.8%
CVE-2016-3962 HIGH POC THREAT Act Now

Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.2%.

Denial Of Service Buffer Overflow Ntp Server Firmware Ims Lantime M1000 Ims Lantime M3000 +9
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
11.2%
CVE-2016-1337 HIGH POC This Week

Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Cisco Information Disclosure Epc3928 Firmware
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
4.2%
CVE-2016-1704 HIGH This Week

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome Ubuntu Linux Enterprise Linux Desktop +5
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2016-1228 HIGH This Week

Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pr 400Mi Firmware Pr 400Mi Rt 400Mi Firmware Rv 440Mi Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2016-2082 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF VMware Vrealize Log Insight
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-1394 HIGH This Week

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firesight System Software
NVD
CVSS 3.0
8.6
EPSS
0.7%
CVE-2016-4512 HIGH This Week

Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Elcsoft
NVD
CVSS 3.0
7.3
EPSS
6.4%
CVE-2016-1441 HIGH This Week

Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Cloud Network Automation Provisioner
NVD
CVSS 3.0
8.2
EPSS
0.2%
CVE-2016-5706 HIGH PATCH This Week

js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service PHP Phpmyadmin Leap Opensuse
NVD GitHub
CVSS 3.0
7.5
EPSS
2.8%
CVE-2016-2863 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.2 allows remote authenticated users to hijack the. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS CSRF Websphere Commerce
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2016-5739 HIGH PATCH This Week

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

CSRF PHP Information Disclosure Leap Opensuse +1
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2016-1227 HIGH This Week

NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rt 400Mi Firmware Pr 400Mi Firmware Rv 440Mi Firmware
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2016-3988 HIGH This Week

Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300,. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ntp Server Firmware Ims Lantime M1000 Ims Lantime M3000 +9
NVD
CVSS 3.0
7.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy