Skip to main content
CVE-2016-6330 CRITICAL Act Now

The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.0% and no vendor patch available.

Deserialization Red Hat RCE Jboss Operations Network
NVD
CVSS 3.0
9.8
EPSS
13.0%
CVE-2016-7044 HIGH POC This Week

The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2016-7045 HIGH POC This Week

The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2016-6137 CRITICAL Act Now

An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Trex
NVD
CVSS 3.0
9.8
EPSS
4.0%
CVE-2016-7444 HIGH PATCH This Week

The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Gnutls
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2016-4978 HIGH PATCH This Week

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Apache Activemq Artemis Jboss Enterprise Application Platform
NVD VulDB
CVSS 3.1
7.2
EPSS
1.4%
CVE-2016-7498 MEDIUM PATCH This Month

OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Compute Nova
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2016-4058 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Policy Center
NVD
CVSS 3.0
5.4
EPSS
0.1%
CVE-2016-6146 MEDIUM This Month

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Trex
NVD
CVSS 3.0
5.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy