Skip to main content
CVE-2016-6253 HIGH POC Act Now

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netbsd
NVD Exploit-DB VulDB
CVSS 3.0
7.8
EPSS
7.3%
CVE-2014-9755 HIGH This Week

The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Multichannel Vpn Router 300 Firmware
NVD VulDB
CVSS 3.0
7.5
EPSS
1.8%
CVE-2016-5323 HIGH This Week

The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libtiff Opensuse
NVD VulDB
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-10143 HIGH PATCH This Week

A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Tikiwiki Cms Groupware
NVD VulDB
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-7038 HIGH PATCH This Week

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Moodle
NVD VulDB
CVSS 3.0
7.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy