Skip to main content
CVE-2017-2547 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 56.1%.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
56.1%
Threat
4.9
CVE-2017-4915 HIGH POC PATCH THREAT Act Now

VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

VMware Authentication Bypass Workstation Player Workstation Pro
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
11.6%
CVE-2017-6984 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +4
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
10.3%
CVE-2017-2536 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +2
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
9.9%
CVE-2017-6980 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +2
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
6.3%
CVE-2017-2531 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +2
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
6.3%
CVE-2017-2521 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +3
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
5.7%
CVE-2017-2515 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
4.1%
CVE-2017-2514 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.5%
CVE-2017-9146 HIGH POC This Week

The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ytnef
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-6978 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.9%
CVE-2017-6989 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.5%
CVE-2017-6999 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6998 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6997 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6996 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6995 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6994 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-6979 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple Iphone Os Mac Os X +2
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
2.3%
CVE-2017-2533 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple Mac Os X
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
2.3%
CVE-2017-2501 HIGH POC This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

RCE Race Condition Apple Iphone Os Mac Os X +2
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
2.1%
CVE-2017-6891 HIGH PATCH This Week

Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libtasn1 Debian Linux Bookkeeper
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2017-2505 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +2
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2017-2544 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2017-6991 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +1
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-2525 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +2
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-2506 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-2539 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-2496 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +1
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-6983 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +1
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-2526 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-2530 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Microsoft Apple +4
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-2538 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Safari +1
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2016-6112 HIGH This Week

IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Privilege Escalation Marketing Platform Marketing Operations Distributed Marketing
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-6634 HIGH This Week

A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Industrial Ethernet 1000 Series Firmware
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-4854 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows remote attackers to hijack the authentication of administrators to perform arbitrary operations via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF L 04D Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-4904 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Olivecart Olivecartpro
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-6977 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apple Mac Os X
NVD
CVSS 3.0
8.6
EPSS
0.2%
CVE-2017-2534 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
8.6
EPSS
0.2%
CVE-2017-1289 HIGH PATCH This Week

IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE IBM Java Sdk
NVD
CVSS 3.0
8.2
EPSS
0.9%
CVE-2017-5657 HIGH PATCH This Week

Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Apache Archiva
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2016-7804 HIGH This Week

Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure 7 Zip
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-6650 HIGH This Week

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-6649 HIGH This Week

A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2016-4901 HIGH This Week

Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E Tax
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-4900 HIGH This Week

Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Evernote
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-2175 HIGH This Week

Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Empirical Project Monitor Extended
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-2541 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-2499 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apple Safari Iphone Os +1
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-6981 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Iphone Os Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy