Skip to main content
CVE-2017-2824 HIGH POC THREAT Act Now

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 73.5%.

RCE Zabbix Command Injection
NVD
CVSS 3.0
8.1
EPSS
73.5%
Threat
5.3
CVE-2017-2817 HIGH POC This Week

A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO 6.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Poweriso
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-2819 HIGH POC This Week

An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Hangul Word Processor Thinkfree Office Neo
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2017-2799 HIGH POC This Week

An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Marklogic
NVD
CVSS 3.0
8.3
EPSS
0.6%
CVE-2017-2798 HIGH POC This Week

An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Marklogic
NVD
CVSS 3.0
8.3
EPSS
0.6%
CVE-2017-2823 HIGH POC This Week

A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free RCE Poweriso
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2017-9229 HIGH POC PATCH This Week

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service PHP Oniguruma Ruby
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2017-9217 HIGH PATCH This Week

systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Systemd
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2017-9230 HIGH This Week

The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bitcoin
NVD
CVSS 3.1
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy