Skip to main content
CVE-2017-8378 CRITICAL POC PATCH Act Now

Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Podofo
NVD GitHub
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-6519 CRITICAL POC PATCH Act Now

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Avahi Ubuntu Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
1.1%
CVE-2017-8399 CRITICAL PATCH Act Now

PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Pcre2
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2016-8649 CRITICAL PATCH Act Now

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Lxc
NVD GitHub
CVSS 3.0
9.1
EPSS
2.2%
CVE-2017-6520 CRITICAL Act Now

The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Soundtouch 30
NVD
CVSS 3.0
9.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy