Skip to main content
CVE-2017-2824 HIGH POC THREAT Act Now

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 73.5%.

RCE Zabbix Command Injection
NVD
CVSS 3.0
8.1
EPSS
73.5%
Threat
5.3
CVE-2017-2800 CRITICAL POC Act Now

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Wolfssl
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
8.9%
CVE-2017-9226 CRITICAL POC PATCH Act Now

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption PHP Oniguruma
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2017-9224 CRITICAL POC PATCH Act Now

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow PHP Information Disclosure Oniguruma
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-9228 CRITICAL POC PATCH Act Now

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption PHP Oniguruma
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-9227 CRITICAL POC PATCH Act Now

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow PHP Information Disclosure Oniguruma
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2017-9225 CRITICAL POC PATCH Act Now

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption PHP Oniguruma Ruby
NVD GitHub
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-2817 HIGH POC This Week

A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO 6.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Poweriso
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-2819 HIGH POC This Week

An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Hangul Word Processor Thinkfree Office Neo
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-2799 HIGH POC This Week

An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Marklogic
NVD
CVSS 3.0
8.3
EPSS
0.6%
CVE-2017-2798 HIGH POC This Week

An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Marklogic
NVD
CVSS 3.0
8.3
EPSS
0.6%
CVE-2017-2823 HIGH POC This Week

A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free RCE Poweriso
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2017-9229 HIGH POC PATCH This Week

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service PHP Oniguruma Ruby
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2017-9216 MEDIUM POC This Month

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Jbig2Dec Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2017-2801 MEDIUM POC This Month

A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Botan
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-9217 HIGH PATCH This Week

systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Systemd
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2017-9230 HIGH This Week

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bitcoin
NVD
CVSS 3.1
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy