Skip to main content
CVE-2016-5851 HIGH PATCH This Week

python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python XXE Python Docx
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2016-7172 HIGH This Week

NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Snap Creator Framework
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-2349 HIGH This Week

Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Remedy Action Request System
NVD
CVSS 3.0
7.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy