Skip to main content
CVE-2017-6398 HIGH POC THREAT Act Now

An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.6%.

Trend Micro Command Injection Interscan Messaging Security Virtual Appliance
NVD
CVSS 3.0
8.8
EPSS
64.6%
Threat
5.2
CVE-2017-6367 HIGH POC THREAT Act Now

In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 39.8%.

Denial Of Service Microsoft Ftp Server
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.8%
Threat
4.2
CVE-2016-8023 HIGH POC THREAT Act Now

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.3%.

Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
11.3%
CVE-2016-8024 HIGH POC This Week

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
9.2%
CVE-2017-6896 HIGH POC This Week

Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Dg Hr1400 Router Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.5%
CVE-2016-8022 HIGH POC This Week

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service RCE Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.6%
CVE-2016-8020 HIGH POC This Week

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
2.9%
CVE-2017-2997 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Adobe Flash Player Flash Player Desktop Runtime
NVD
CVSS 3.1
8.8
EPSS
5.5%
CVE-2017-2999 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Adobe RCE Flash Player +1
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2017-2998 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Adobe RCE Flash Player +1
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2017-3002 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free RCE Adobe Memory Corruption +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2017-3001 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free RCE Adobe Memory Corruption +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2017-3003 HIGH PATCH This Week

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free RCE Adobe Memory Corruption +2
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2015-8988 HIGH PATCH This Week

Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Intel Command Injection Epo Deep Command
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2015-8989 HIGH This Week

Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Vulnerability Manager
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-8008 HIGH This Week

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Security Scan Plus
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2017-2983 HIGH This Week

Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Shockwave Player
NVD
CVSS 3.0
7.8
EPSS
2.2%
CVE-2016-10189 HIGH PATCH This Week

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service RCE Bitlbee Bitlbee Libpurple
NVD GitHub
CVSS 3.0
7.5
EPSS
3.2%
CVE-2016-8747 HIGH PATCH This Week

An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apache Information Disclosure Tomcat Java
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2013-7462 HIGH This Week

A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Intel Saas Control Console Platform
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2017-6903 HIGH PATCH This Week

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Ioquake3
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8026 HIGH This Week

Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Security Scan Plus
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8009 HIGH This Week

Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Privilege Escalation Application Control
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-8010 HIGH This Week

Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Application Control Endpoint Security
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8012 HIGH This Week

Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Data Loss Prevention Endpoint
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10252 HIGH PATCH This Week

Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.0
7.5
EPSS
0.8%
CVE-2014-8688 HIGH This Week

An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure Messenger
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2015-8990 HIGH This Week

Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel Authentication Bypass Advanced Threat Defense
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-9368 HIGH This Week

An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xcomfort Ethernet Communication Interface
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-6874 HIGH PATCH This Week

Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.0
EPSS
0.1%
CVE-2015-8993 HIGH This Week

Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2015-8992 HIGH This Week

Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2015-8991 HIGH This Week

Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting. Rated high severity (CVSS 7.0). No vendor patch available.

Intel Privilege Escalation Security Webadvisor Cloud Av Security Scan Plus
NVD
CVSS 3.0
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy