Skip to main content
CVE-2015-3188 CRITICAL PATCH Act Now

The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.4%.

Apache Privilege Escalation RCE Storm
NVD VulDB
CVSS 3.0
9.8
EPSS
12.4%
CVE-2016-2090 CRITICAL PATCH Act Now

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Fedora Libbsd Debian Linux Ubuntu Linux
NVD VulDB
CVSS 3.1
9.8
EPSS
1.7%
CVE-2016-10141 CRITICAL Act Now

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Denial Of Service Buffer Overflow Mujs
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy