Skip to main content
CVE-2015-8968 HIGH POC PATCH This Week

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Git Fastclone
NVD GitHub
CVSS 3.1
8.8
EPSS
2.8%
CVE-2016-6430 HIGH This Week

A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Ip Interoperability And Collaboration System
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6455 HIGH This Week

A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Asr 5000 Software
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2016-7452 HIGH PATCH This Week

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Path Traversal File Upload Exponent Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-9134 HIGH PATCH This Week

Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the order parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Information Disclosure Exponent Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
1.0%
CVE-2016-7160 HIGH This Week

A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Samsung Null Pointer Dereference Samsung Mobile
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-9135 HIGH PATCH This Week

Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controllers/helpController.php" affecting the version parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Information Disclosure Exponent Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9136 HIGH PATCH This Week

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Mujs
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2016-6453 HIGH This Week

A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Identity Services Engine
NVD
CVSS 3.0
7.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy