Skip to main content
CVE-2017-5358 CRITICAL POC THREAT Emergency

Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 35.3%.

Buffer Overflow RCE PHP Easycom For Php
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
35.3%
Threat
4.5
CVE-2017-5496 CRITICAL POC THREAT Emergency

Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

Information Disclosure Sawmill
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
11.3%
CVE-2016-10195 CRITICAL POC PATCH Act Now

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Libevent Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
5.9%
CVE-2016-10166 CRITICAL PATCH Act Now

Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Information Disclosure Libgd
NVD GitHub
CVSS 3.0
9.8
EPSS
8.3%
CVE-2016-7955 CRITICAL Act Now

The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Ossim Unified Security Management
NVD
CVSS 3.0
9.8
EPSS
6.5%
CVE-2017-5522 CRITICAL PATCH Act Now

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service Debian Linux Mapserver
NVD GitHub
CVSS 3.0
9.8
EPSS
6.0%
CVE-2017-3831 CRITICAL Act Now

A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Aironet Access Point Software
NVD
CVSS 3.0
9.8
EPSS
4.6%
CVE-2016-5239 CRITICAL PATCH Act Now

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Imagemagick
NVD
CVSS 3.0
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy