Skip to main content
CVE-2016-9054 CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE Database Server
NVD VulDB
CVSS 3.1
9.8
EPSS
14.8%
CVE-2016-9052 CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE Database Server
NVD VulDB
CVSS 3.1
9.8
EPSS
14.8%
CVE-2016-9050 HIGH POC This Week

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Database Server
NVD VulDB
CVSS 3.1
8.2
EPSS
0.6%
CVE-2016-8710 HIGH POC This Week

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Libbpg
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-6912 CRITICAL PATCH Act Now

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libgd
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-3794 HIGH This Week

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Webex Meetings Server
NVD VulDB
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-9218 HIGH This Week

A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Hybrid Meeting Server
NVD VulDB
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-10013 HIGH PATCH This Week

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8225 HIGH This Week

Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Lenovo Edge Keyboard Driver Slim Usb Keyboard Driver
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8227 HIGH This Week

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Privilege Escalation Lenovo Transition
NVD VulDB
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-3796 HIGH This Week

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Webex Meetings Server
NVD VulDB
CVSS 3.0
7.2
EPSS
0.9%
CVE-2017-3798 MEDIUM This Month

A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD VulDB
CVSS 3.0
6.1
EPSS
0.6%
CVE-2017-3804 MEDIUM This Month

A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD VulDB
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3802 MEDIUM This Month

A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Communications Manager
NVD VulDB
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-9222 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Netflow Generation Appliance
NVD VulDB
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-6908 MEDIUM This Month

Characters from languages are such as Arabic, Hebrew are displayed from RTL (Right To Left) order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Google Opera Browser
NVD VulDB
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-10024 MEDIUM PATCH This Month

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-3800 MEDIUM This Month

A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Email Security Appliance
NVD VulDB
CVSS 3.0
5.8
EPSS
0.2%
CVE-2016-9317 MEDIUM PATCH This Month

The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Libgd
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
1.1%
CVE-2016-6911 MEDIUM PATCH This Month

The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Libgd
NVD GitHub VulDB
CVSS 3.0
5.5
EPSS
0.6%
CVE-2016-10025 MEDIUM PATCH This Month

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Amd Xen Xenserver
NVD VulDB
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-3799 MEDIUM This Month

A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Cisco Webex Meeting Center
NVD VulDB
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-3795 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Webex Meetings Server
NVD VulDB
CVSS 3.0
5.4
EPSS
0.1%
CVE-2016-9216 MEDIUM This Month

An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Asr 5000 Series Software
NVD VulDB
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-3805 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Information Disclosure Iox
NVD VulDB
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-3797 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Server
NVD VulDB
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-8226 MEDIUM This Month

The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Lenovo Flex System X240 M5 Bios Flex System X280 M6 Bios Flex System X480 X6 Bios +8
NVD VulDB
CVSS 3.0
4.9
EPSS
0.3%
CVE-2017-3803 MEDIUM This Month

A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD VulDB
CVSS 3.0
4.7
EPSS
0.2%
CVE-2016-9221 MEDIUM This Month

A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Aironet Access Point Software
NVD VulDB
CVSS 3.0
4.3
EPSS
0.3%
CVE-2016-9220 MEDIUM This Month

A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Aironet Access Point Software
NVD VulDB
CVSS 3.0
4.3
EPSS
0.1%
CVE-2016-9932 LOW PATCH Monitor

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD VulDB
CVSS 3.0
3.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy