Skip to main content
CVE-2016-2776 HIGH POC THREAT Act Now

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 88.4%.

Denial Of Service Linux Vm Server Bind Hp Ux +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
88.4%
Threat
5.7
CVE-2016-7568 CRITICAL PATCH Act Now

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service PHP Buffer Overflow Libgd +1
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2016-7191 HIGH PATCH This Week

The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) library 1.x before 1.4.6 and 2.x before 2.0.1 for Node.js does not recognize the validateIssuer setting, which allows remote. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Node.js Authentication Bypass Azure Active Directory Passport
NVD GitHub
CVSS 3.0
8.1
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy