Skip to main content
CVE-2016-8331 HIGH POC This Week

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Libtiff
NVD
CVSS 3.0
8.1
EPSS
6.2%
CVE-2016-8335 HIGH POC This Week

An exploitable stack based buffer overflow vulnerability exists in the ipNameAdd functionality of Iceni Argus Version 6.6.04 (Sep 7 2012) NK - Linux x64 and Version 6.6.04 (Nov 14 2014) NK - Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Microsoft Argus
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2016-8333 HIGH POC This Week

An exploitable stack-based buffer overflow vulnerability exists in the ipfSetColourStroke functionality of Iceni Argus version 6.6.04 A specially crafted pdf file can cause a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Argus
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2016-8332 HIGH POC This Week

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Openjpeg
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2016-8600 HIGH POC This Week

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dotcms
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2016-7919 HIGH POC This Week

Moodle 3.1.2 allows remote attackers to obtain sensitive information via unspecified vectors, related to a "SQL Injection" issue affecting the Administration panel function in the installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Moodle
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2016-9017 HIGH POC This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Mujs
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-9028 HIGH This Week

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Netscaler Application Delivery Controller Firmware
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2016-4396 HIGH This Week

HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow System Management Homepage
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2016-4395 HIGH This Week

HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow System Management Homepage
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2016-6360 HIGH This Week

A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance Web Security Appliance
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2016-6358 HIGH This Week

A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2016-6356 HIGH This Week

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-1486 HIGH This Week

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-1481 HIGH This Week

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-8867 HIGH This Week

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Docker Privilege Escalation
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-1480 HIGH This Week

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-6372 HIGH This Week

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Email Security Appliance Web Security Appliance Web Security Appliance 8 0 5
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-6357 HIGH This Week

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy