Skip to main content
CVE-2017-6550 CRITICAL POC Act Now

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Infor Lawson
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
5.9%
CVE-2014-9847 CRITICAL PATCH Act Now

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Studio Onsite Opensuse Leap Suse Linux Enterprise Debuginfo +6
NVD
CVSS 3.0
9.8
EPSS
5.8%
CVE-2014-9846 CRITICAL PATCH Act Now

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Studio Onsite Leap Opensuse Suse Linux Enterprise Debuginfo +6
NVD
CVSS 3.0
9.8
EPSS
4.7%
CVE-2016-4926 CRITICAL Act Now

Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Junos Space
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2014-9841 CRITICAL PATCH Act Now

The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Opensuse Leap Suse Linux Enterprise Desktop Suse Linux Enterprise Server +4
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2015-8954 CRITICAL Act Now

The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Suricata Privilege Escalation
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2014-9843 CRITICAL PATCH Act Now

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Opensuse Leap Suse Linux Enterprise Desktop Suse Linux Enterprise Server +4
NVD
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy