Skip to main content
CVE-2016-4273 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 54.8%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
54.8%
Threat
4.9
CVE-2016-5425 HIGH POC THREAT Act Now

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

Tomcat Red Hat Privilege Escalation Oracle
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
11.6%
CVE-2016-7065 HIGH POC THREAT Act Now

The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.1%.

RCE Deserialization Denial Of Service Java Red Hat +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
12.1%
CVE-2016-6992 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Adobe Memory Corruption RCE Microsoft Flash Player +1
NVD
CVSS 3.1
8.8
EPSS
8.8%
CVE-2016-6990 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6989 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6986 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6985 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6984 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6983 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6982 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2016-6987 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2016-6981 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2016-4286 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Flash Player Flash Player Desktop Runtime +3
NVD
CVSS 3.0
8.8
EPSS
2.4%
CVE-2016-6935 HIGH This Week

Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Adobe Information Disclosure Microsoft Creative Cloud
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-6325 HIGH This Week

The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Tomcat Red Hat Privilege Escalation
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-3946 HIGH This Week

SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Microsoft Sapconsole
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8563 HIGH PATCH This Week

Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Siemens Automation License Manager
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2016-3635 HIGH This Week

SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Authentication Bypass Netweaver
NVD
CVSS 3.0
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy