Skip to main content
CVE-2016-2776 HIGH POC THREAT Act Now

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 88.4%.

Denial Of Service Linux Vm Server Bind Hp Ux +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
88.4%
Threat
5.7
CVE-2016-7191 HIGH PATCH This Week

The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) library 1.x before 1.4.6 and 2.x before 2.0.1 for Node.js does not recognize the validateIssuer setting, which allows remote. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Microsoft Node.js Authentication Bypass Azure Active Directory Passport
NVD GitHub
CVSS 3.0
8.1
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy