Skip to main content
CVE-2016-9934 HIGH PATCH Act Now

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.6%.

Denial Of Service PHP Null Pointer Dereference
NVD GitHub
CVSS 3.0
7.5
EPSS
11.6%
CVE-2016-9933 HIGH PATCH Act Now

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.1%.

Denial Of Service PHP Buffer Overflow Libgd
NVD GitHub
CVSS 3.0
7.5
EPSS
11.1%
CVE-2016-10116 HIGH This Week

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Netgear Privilege Escalation Arlo Base Station Firmware Arlo Q Camera Firmware Arlo Q Plus Camera Firmware
NVD
CVSS 3.0
8.1
EPSS
7.1%
CVE-2016-7902 HIGH PATCH This Week

Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE PHP File Upload Dotclear
NVD
CVSS 3.0
8.8
EPSS
2.4%
CVE-2016-8860 HIGH PATCH This Week

Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Tor
NVD GitHub
CVSS 3.0
7.5
EPSS
2.7%
CVE-2016-6894 HIGH PATCH This Week

Arista EOS 4.15 before 4.15.8M, 4.16 before 4.16.7M, and 4.17 before 4.17.0F on DCS-7050 series devices allow remote attackers to cause a denial of service (device reboot) by sending crafted packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dcs 7050T Eos Software Dcs 7050Q Eos Software Dcs 7050S Eos Software
NVD
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy