Skip to main content
CVE-2016-8582 CRITICAL POC THREAT Emergency

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 80.5%.

PHP SQLi Open Source Security Information And Event Management Unified Security Management
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
80.5%
Threat
5.9
CVE-2016-8580 CRITICAL POC THREAT Emergency

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.6%.

RCE PHP Authentication Bypass Open Source Security Information And Event Management Unified Security Management
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
12.6%
CVE-2016-8339 CRITICAL POC PATCH Act Now

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Redis Memory Corruption Buffer Overflow RCE
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2016-8598 CRITICAL PATCH Act Now

Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Libcsp
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2016-8597 CRITICAL PATCH Act Now

Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Libcsp
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2016-8596 CRITICAL PATCH Act Now

Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Libcsp
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2016-6397 CRITICAL Act Now

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Ip Interoperability And Collaboration System
NVD
CVSS 3.0
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy