Remote unauthenticated attackers can execute arbitrary code on Adobe ColdFusion servers through Java deserialization flaws in the bundled Apache BlazeDS library. This critical vulnerability affects ColdFusion 10 (all updates through 22), ColdFusion 11 (through Update 11), and ColdFusion 2016 (through Update 3). CISA confirms active exploitation in the wild with publicly available exploit code (Exploit-DB 43993), and EPSS scoring at 93.36% (100th percentile) indicates extremely high real-world exploitation likelihood. The network-accessible attack vector requiring no authentication or user interaction makes this a top-priority remediation target for any organization running affected ColdFusion versions.
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.4%.
In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.