Skip to main content
CVE-2016-9091 HIGH POC THREAT Act Now

Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

Command Injection Advanced Secure Gateway Content Analysis System Software
NVD Exploit-DB
CVSS 3.0
7.2
EPSS
36.5%
Threat
4.0
CVE-2017-7447 HIGH POC PATCH This Week

HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF PHP Helpdezk
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-7446 HIGH POC PATCH This Week

HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Helpdezk
NVD Exploit-DB GitHub
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-7358 HIGH POC This Week

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Debian Lightdm Ubuntu Linux
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
1.7%
CVE-2017-6956 HIGH This Week

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Broadcom RCE Hardmac Wi Fi Soc Firmware
NVD
CVSS 3.0
8.8
EPSS
5.4%
CVE-2016-6100 HIGH This Week

IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF IBM Disposal And Governance Management For It Global Retention Policy And Schedule Management
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-7444 HIGH This Week

In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure System Recovery
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-4680 HIGH PATCH This Week

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Freeradius Linux Enterprise Server Linux Enterprise Software Development Kit
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-0339 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0327 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0325 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Google Nvidia Memory Corruption +1
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0329 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Nvidia Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0332 HIGH PATCH This Week

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Google Nvidia Memory Corruption +1
NVD
CVSS 3.0
7.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy