Skip to main content
CVE-2017-8291 HIGH POC KEV PATCH THREAT Act Now

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Authentication Bypass Memory Corruption
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
92.9%
Threat
7.3
CVE-2017-7415 HIGH POC This Week

Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Atlassian Information Disclosure Confluence Server
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-8308 HIGH POC This Week

In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-6037 HIGH This Week

A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Levi Studio Hmi Editor
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-6035 HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stack Overflow Levi Studio Hmi Editor
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-8288 HIGH PATCH This Week

gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Gnome Shell
NVD GitHub
CVSS 3.0
8.1
EPSS
0.4%
CVE-2017-5186 HIGH This Week

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Edirectory Imanager
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-8296 HIGH PATCH This Week

kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Ked Password Manager
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-8294 HIGH PATCH This Week

libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Yara
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy