Skip to main content
CVE-2017-7293 HIGH POC This Week

The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Privilege Escalation Lenovo Dolby Audio X2 Dolby Audio X3
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.1%
CVE-2017-7720 HIGH POC This Week

Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long password. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Privatetunnel
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-3162 HIGH PATCH This Week

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Hadoop
NVD
CVSS 3.0
7.3
EPSS
1.9%
CVE-2017-6054 HIGH This Week

A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2017-8284 HIGH PATCH This Week

The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain. Rated high severity (CVSS 7.0). This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Qemu
NVD GitHub
CVSS 3.0
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy