Skip to main content
CVE-2017-8835 CRITICAL POC PATCH THREAT Act Now

SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 63.8%.

SQLi B305Hw2 Firmware 380Hw6 Firmware 580Hw2 Firmware 710Hw3 Firmware +2
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
63.8%
Threat
5.4
CVE-2017-9430 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.7%.

Buffer Overflow Denial Of Service Dnstracer
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
14.7%
CVE-2017-8837 CRITICAL POC PATCH THREAT Act Now

Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.0%.

Information Disclosure B305Hw2 Firmware 380Hw6 Firmware 580Hw2 Firmware 710Hw3 Firmware +2
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
11.0%
CVE-2017-9432 CRITICAL PATCH Act Now

Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Libstaroffice
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2017-9431 CRITICAL PATCH Act Now

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Google Grpc
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2017-9433 CRITICAL PATCH Act Now

Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Libmwaw
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-9435 CRITICAL PATCH Act Now

Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi PHP Dolibarr
NVD GitHub
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-9436 CRITICAL PATCH Act Now

TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi PHP Teampass
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy