Skip to main content
CVE-2016-9131 HIGH PATCH Act Now

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 72.8%.

Denial Of Service Bind Debian Linux Enterprise Linux Desktop Enterprise Linux Eus +8
NVD
CVSS 3.1
7.5
EPSS
72.8%
CVE-2016-9147 HIGH PATCH Act Now

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 56.2%.

Denial Of Service Bind
NVD
CVSS 3.0
7.5
EPSS
56.2%
CVE-2016-9444 HIGH PATCH Act Now

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 50.5%.

Denial Of Service Bind
NVD
CVSS 3.0
7.5
EPSS
50.5%
CVE-2017-5225 HIGH POC PATCH This Week

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Buffer Overflow Libtiff
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2017-5345 HIGH POC PATCH This Week

SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Genixcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.4%
CVE-2016-6772 HIGH POC This Week

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Privilege Escalation Google Android
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.4%
CVE-2016-6492 HIGH POC This Week

The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Mediatek Privilege Escalation Android
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5346 HIGH POC PATCH This Week

SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Genixcms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.1%
CVE-2017-5347 HIGH POC This Week

SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Genixcms
NVD GitHub
CVSS 3.0
7.2
EPSS
0.4%
CVE-2017-0382 HIGH This Week

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-6768 HIGH This Week

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Authentication Bypass Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8430 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8429 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8428 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8427 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8426 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8425 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8424 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8432 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8431 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Privilege Escalation Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-6762 HIGH This Week

An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-6789 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6777 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6776 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6775 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6790 HIGH This Week

An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Nvidia Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6761 HIGH This Week

An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google RCE Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6760 HIGH This Week

An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google RCE Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6759 HIGH This Week

An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google RCE Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6758 HIGH This Week

An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google RCE Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0386 HIGH This Week

An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0381 HIGH PATCH This Week

An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0384 HIGH PATCH This Week

An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8441 HIGH This Week

Possible buffer overflow in the hypervisor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8442 HIGH This Week

Possible unauthorized memory access in the hypervisor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-0387 HIGH This Week

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0385 HIGH This Week

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-0383 HIGH This Week

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8443 HIGH This Week

Possible unauthorized memory access in the hypervisor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8433 HIGH PATCH This Week

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Privilege Escalation Mediatek Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8423 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8422 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8436 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation RCE Google Linux Kernel +1
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-3151 HIGH This Week

Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Clickshare Csc 1 Firmware Clickshare Csm 1 Firmware Clickshare Cse 200 Firmware
NVD VulDB
CVSS 3.0
7.5
EPSS
0.9%
CVE-2017-5350 HIGH This Week

Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Samsung Samsung Mobile
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-5351 HIGH This Week

Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Samsung Samsung Mobile
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-0389 HIGH This Week

A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-0394 HIGH This Week

A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-8399 HIGH This Week

An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Google Authentication Bypass Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2017-0404 HIGH This Week

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy