Skip to main content
CVE-2015-4624 HIGH POC THREAT Act Now

Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and EPSS exploitation probability 47.6%.

CSRF Authentication Bypass Wi Fi Pineapple Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
47.6%
Threat
4.4
CVE-2016-6561 HIGH POC PATCH This Week

illumos smbsrv NULL pointer dereference allows system crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Illumos
NVD GitHub
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-2775 HIGH POC This Week

An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Labview
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-8917 HIGH PATCH This Week

IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Sterling Selling And Fulfillment Foundation
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-6560 HIGH PATCH This Week

illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Illumos
NVD GitHub
CVSS 3.0
8.6
EPSS
0.5%
CVE-2016-9707 HIGH PATCH This Week

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Denial Of Service XXE IBM Rational Rhapsody Design Manager Rational Quality Manager +5
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2017-3009 HIGH This Week

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-7374 HIGH PATCH This Week

Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2014-9114 HIGH PATCH This Week

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Opensuse Fedora Util Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2017-2647 HIGH PATCH This Week

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-8032 HIGH PATCH This Week

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Intel Authentication Bypass Anti Malware Scan Engine
NVD
CVSS 3.0
7.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy