Skip to main content
CVE-2015-8556 CRITICAL POC THREAT Emergency

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

Race Condition Privilege Escalation Qemu
NVD Exploit-DB
CVSS 3.0
10.0
EPSS
21.2%
Threat
4.1
CVE-2017-5334 CRITICAL PATCH Act Now

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Leap Gnutls
NVD
CVSS 3.0
9.8
EPSS
5.6%
CVE-2017-5336 CRITICAL PATCH Act Now

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Leap Gnutls
NVD
CVSS 3.0
9.8
EPSS
3.9%
CVE-2017-5337 CRITICAL PATCH Act Now

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Leap Gnutls
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2016-10128 CRITICAL PATCH Act Now

Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Libgit2
NVD GitHub
CVSS 3.0
9.8
EPSS
2.7%
CVE-2016-6206 CRITICAL Act Now

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Huawei Ar3200 Firmware
NVD
CVSS 3.0
9.8
EPSS
1.8%
CVE-2017-5511 CRITICAL PATCH Act Now

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Imagemagick Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2016-10145 CRITICAL PATCH Act Now

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2016-10144 CRITICAL PATCH Act Now

coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Imagemagick
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2016-10133 CRITICAL PATCH Act Now

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Mujs
NVD
CVSS 3.0
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy