Skip to main content
CVE-2016-7412 HIGH POC PATCH This Week

ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service PHP Buffer Overflow
NVD GitHub
CVSS 3.0
8.1
EPSS
1.7%
CVE-2016-7416 HIGH POC PATCH This Week

ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service PHP Buffer Overflow
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2016-7418 HIGH POC PATCH This Week

The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service PHP Buffer Overflow
NVD GitHub
CVSS 3.0
7.5
EPSS
2.0%
CVE-2016-1482 HIGH This Week

Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Cisco Webex Meetings Server
NVD
CVSS 3.0
8.1
EPSS
1.4%
CVE-2016-6407 HIGH This Week

Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy