Skip to main content
CVE-2017-6465 CRITICAL POC THREAT Emergency

Remote Code Execution was discovered in FTPShell Client 6.53. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 80.5%.

Buffer Overflow RCE Ftpshell Client
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
80.5%
Threat
5.9
CVE-2017-6427 HIGH POC THREAT Act Now

A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 39.8%.

Buffer Overflow Media Server
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.8%
Threat
4.2
CVE-2017-6506 CRITICAL POC THREAT Emergency

In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.6%.

Buffer Overflow RCE Microsoft Data Expert Ultimate
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
21.6%
Threat
4.1
CVE-2017-2788 CRITICAL Act Now

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 23.6% and no vendor patch available.

Buffer Overflow RCE Popup
NVD
CVSS 3.1
10.0
EPSS
23.6%
CVE-2017-2785 CRITICAL Act Now

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 19.4% and no vendor patch available.

Buffer Overflow RCE Popup
NVD
CVSS 3.0
10.0
EPSS
19.4%
CVE-2016-8714 HIGH POC This Week

An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Debian Linux
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2017-6311 HIGH POC This Week

gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gdk Pixbuf Fedora
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2017-6800 HIGH POC PATCH This Week

An issue was discovered in ytnef before 1.9.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Ytnef Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-2787 CRITICAL Act Now

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 13.0% and no vendor patch available.

Buffer Overflow RCE Popup
NVD
CVSS 3.0
9.0
EPSS
13.0%
CVE-2017-6313 HIGH POC PATCH This Week

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Buffer Overflow Gdk Pixbuf Fedora +1
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2017-6797 MEDIUM POC PATCH This Month

A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Mantisbt
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2017-6799 MEDIUM POC PATCH This Month

A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Mantisbt
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2017-5859 CRITICAL Act Now

On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cnpilot R200 Series Firmware
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2017-6314 MEDIUM POC This Month

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gdk Pixbuf Fedora Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2017-6312 MEDIUM POC This Month

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Buffer Overflow Gdk Pixbuf Fedora +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2017-6798 HIGH PATCH This Week

Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Trend Micro Endpoint Sensor
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2017-2786 HIGH This Week

A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Popup
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2017-6802 HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Ytnef Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-5872 HIGH This Week

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clearpath Mcp
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-6801 HIGH PATCH This Week

An issue was discovered in ytnef before 1.9.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Ytnef Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-4960 HIGH PATCH This Week

An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cloud Foundry Uaa Bosh Cloud Foundry Cloud Foundry Uaa
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2015-2330 HIGH This Week

Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webkitgtk
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-6596 MEDIUM This Month

partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Partclone
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-6355 MEDIUM PATCH This Month

Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Virglrenderer
NVD
CVSS 3.0
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy