Skip to main content
CVE-2016-8704 CRITICAL POC THREAT Emergency

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Integer Overflow RCE Memcached
NVD
CVSS 3.0
9.8
EPSS
14.3%
CVE-2016-8705 CRITICAL POC THREAT Emergency

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.6%.

Integer Overflow RCE Memcached
NVD
CVSS 3.0
9.8
EPSS
12.6%
CVE-2015-2868 CRITICAL POC Act Now

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Comfortlink Ii Firmware
NVD
CVSS 3.0
9.8
EPSS
9.1%
CVE-2015-2867 CRITICAL POC Act Now

A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Comfortlink Ii Firmware
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2016-2336 CRITICAL POC Act Now

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Ruby
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2016-4336 CRITICAL POC Act Now

An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Perceptive Document Filters
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2016-2337 CRITICAL POC Act Now

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Ruby
NVD
CVSS 3.0
9.8
EPSS
0.8%
CVE-2016-2339 CRITICAL POC Act Now

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ruby
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-9885 CRITICAL Act Now

An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Gemfire For Pivotal Cloud Foundry
NVD
CVSS 3.0
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy