Skip to main content
CVE-2017-3881 CRITICAL POC KEV THREAT Emergency

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Cisco HP RCE Apple
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.3%
Threat
7.8
CVE-2017-6880 CRITICAL POC Act Now

Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Cerberus Ftp Server
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
5.5%
CVE-2014-8708 CRITICAL POC Act Now

Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Privilege Escalation Pluck
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2017-6969 CRITICAL POC Act Now

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Binutils
NVD
CVSS 3.0
9.1
EPSS
0.5%
CVE-2017-7174 CRITICAL Act Now

The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Chef Manage
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2014-8704 CRITICAL Act Now

Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP Wondercms
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2014-9852 CRITICAL PATCH Act Now

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Imagemagick Opensuse Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2014-8705 CRITICAL PATCH Act Now

PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attackers to execute arbitrary PHP code via a URL in the hook parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE PHP Wondercms
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-0021 CRITICAL PATCH Act Now

Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data. Rated critical severity (CVSS 9.0), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
9.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy