Skip to main content
CVE-2016-10081 HIGH POC This Week

/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Shutter
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.9%
CVE-2016-7084 HIGH POC This Week

tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to. Rated high severity (CVSS 7.8). Public exploit code available and no vendor patch available.

VMware Denial Of Service Buffer Overflow Microsoft RCE +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2016-7083 HIGH POC This Week

VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary. Rated high severity (CVSS 7.8). Public exploit code available and no vendor patch available.

VMware Denial Of Service Buffer Overflow Microsoft RCE +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-7462 HIGH This Week

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Privilege Escalation VMware Vrealize Operations
NVD
CVSS 3.0
8.5
EPSS
1.7%
CVE-2016-7461 HIGH This Week

The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow VMware Fusion +3
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-9878 HIGH PATCH This Week

An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Framework
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2015-0854 HIGH PATCH This Week

App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Shutter
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-7081 HIGH This Week

Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled,. Rated high severity (CVSS 7.8). No vendor patch available.

RCE Buffer Overflow VMware Microsoft Workstation Player +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-7085 HIGH This Week

Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure VMware Microsoft Workstation Player Workstation Pro
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7080 HIGH This Week

The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference VMware Tools
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7079 HIGH This Week

The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference VMware Tools
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7082 HIGH This Week

VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary. Rated high severity (CVSS 7.8). No vendor patch available.

VMware Denial Of Service Buffer Overflow Microsoft RCE +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-2246 HIGH PATCH This Week

HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

HP Privilege Escalation Thinpro
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7459 HIGH PATCH This Week

VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE VMware Vcenter Server
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2016-7086 HIGH This Week

The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware Microsoft Workstation Player Workstation Pro
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2015-8743 HIGH PATCH This Week

QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Qemu Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy