Skip to main content
CVE-2017-1274 HIGH POC THREAT Act Now

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 17.8%.

Buffer Overflow RCE IBM Domino
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
17.8%
CVE-2017-8221 HIGH POC THREAT Act Now

Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud feature) for communication between an Android application and a camera device, which allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.1%.

Google Information Disclosure Wireless Ip Camera P2P Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
19.1%
CVE-2017-8223 HIGH POC THREAT Act Now

On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.0%.

Authentication Bypass Wireless Ip Camera P2P Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
18.0%
CVE-2017-7221 HIGH POC This Week

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi Documentum Content Server
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
1.6%
CVE-2017-8222 HIGH POC This Week

Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Wireless Ip Camera P2P Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
7.3%
CVE-2017-5051 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5050 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5049 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5048 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-5047 HIGH This Week

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Google Chrome
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-1149 HIGH This Week

IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service XXE IBM Urbancode Deploy
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2017-8109 HIGH PATCH This Week

The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Salt
NVD GitHub
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-3434 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Audience workbench). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3356 HIGH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3355 HIGH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3345 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3347 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-3342 HIGH PATCH This Week

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Marketing
NVD
CVSS 3.0
7.1
EPSS
1.0%
CVE-2017-7477 HIGH PATCH This Week

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by. Rated high severity (CVSS 7.0).

Buffer Overflow Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy