Skip to main content
CVE-2016-6374 CRITICAL Act Now

Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a crafted dnslookup command in an HTTP request, aka Bug ID CSCuz89093. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Cloud Services Platform 2100
NVD
CVSS 3.1
9.8
EPSS
5.6%
CVE-2016-6525 CRITICAL PATCH Act Now

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Buffer Overflow Debian Linux Mupdf
NVD
CVSS 3.0
9.8
EPSS
5.4%
CVE-2016-5270 CRITICAL Act Now

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Firefox
NVD
CVSS 3.0
9.8
EPSS
4.1%
CVE-2016-6406 CRITICAL Act Now

Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Email Security Appliance Firmware
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2016-5281 CRITICAL Act Now

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Mozilla RCE Use After Free Firefox
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2016-5280 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Mozilla RCE Use After Free Firefox
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2016-5274 CRITICAL Act Now

Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Mozilla RCE Use After Free Firefox
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2016-5277 CRITICAL Act Now

Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Mozilla Buffer Overflow +2
NVD
CVSS 3.0
9.8
EPSS
2.3%
CVE-2016-5276 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Mozilla Buffer Overflow +2
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2016-5256 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2016-5257 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox
NVD
CVSS 3.0
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy