Skip to main content
CVE-2017-4914 CRITICAL POC PATCH THREAT Act Now

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Deserialization VMware Vsphere Data Protection
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
13.3%
CVE-2017-7312 CRITICAL POC Act Now

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Personify360
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
8.3%
CVE-2015-7346 CRITICAL POC Act Now

SQL injection vulnerability in ZCMS 1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zcms
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
4.2%
CVE-2015-7326 CRITICAL POC PATCH Act Now

XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XXE Webdav
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2016-6087 CRITICAL PATCH Act Now

IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft IBM Information Disclosure Domino
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2017-1196 CRITICAL Act Now

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Brute Force IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-4917 CRITICAL PATCH Act Now

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

VMware Information Disclosure Vsphere Data Protection
NVD
CVSS 3.0
9.8
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy