Skip to main content
CVE-2017-9380 HIGH POC This Week

OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Openemr
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
0.9%
CVE-2017-9353 HIGH POC PATCH This Week

In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
7.1%
CVE-2017-9379 HIGH POC This Week

Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Bigtree Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-9365 HIGH POC PATCH This Week

CSRF exists in BigTree CMS through 4.2.18 with the force parameter to /admin/pages/revisions.php - for example: /admin/pages/revisions/1/?force=false. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF PHP Bigtree Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-9347 HIGH POC PATCH This Week

In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Wireshark
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
5.0%
CVE-2017-9372 HIGH This Week

PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Open Source Certified Asterisk
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2017-9358 HIGH This Week

A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Asterisk Certified Asterisk
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-9344 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-9350 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-9349 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-9354 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-9348 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-9351 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-9345 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-9346 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-9352 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-9343 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-9359 HIGH This Week

The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Open Source Certified Asterisk
NVD
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy