Skip to main content
CVE-2016-7834 HIGH POC PATCH THREAT Act Now

SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551,. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 39.5%.

Information Disclosure Snc Series Firmware
NVD
CVSS 3.0
8.8
EPSS
39.5%
Threat
4.4
CVE-2015-8284 HIGH POC This Week

SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Spectrum Sdc
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
5.9%
CVE-2016-1914 HIGH POC PATCH This Week

Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Blackberry Enterprise Service
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.2%
CVE-2016-8712 HIGH POC This Week

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Awk 3131A Firmware
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2015-8270 HIGH POC This Week

The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Rtmpdump
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-8727 HIGH POC This Week

An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Awk 3131A Firmware
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-8726 HIGH POC This Week

An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Awk 3131A Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-8723 HIGH POC This Week

An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Awk 3131A Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-4970 HIGH PATCH This Week

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Netty Jboss Data Grid Jboss Middleware Text Only Advisories +1
NVD GitHub
CVSS 3.1
7.5
EPSS
8.2%
CVE-2017-7219 HIGH PATCH This Week

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Citrix Netscaler Gateway Firmware
NVD
CVSS 3.0
8.8
EPSS
1.6%
CVE-2015-8567 HIGH PATCH This Week

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Qemu Ubuntu Linux Debian Linux Linux Enterprise Debuginfo +6
NVD
CVSS 3.1
7.7
EPSS
3.5%
CVE-2015-8619 HIGH PATCH This Week

The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service Qemu Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2015-8107 HIGH This Week

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE A2Ps
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2016-10123 HIGH This Week

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10122 HIGH This Week

Firejail does not properly clean environment variables, which allows local users to gain privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10117 HIGH This Week

Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10121 HIGH This Week

Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10120 HIGH This Week

Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-10119 HIGH This Week

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Firejail
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2012-6697 HIGH PATCH This Week

InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Inspircd Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2015-4646 HIGH This Week

(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Squashfs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2016-10326 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-10325 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-7853 HIGH PATCH This Week

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Osip
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2013-6648 HIGH PATCH This Week

SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Skia
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-1132 HIGH This Week

Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Shoplat
NVD
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy