Skip to main content
CVE-2017-2810 HIGH POC PATCH This Week

An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Python Information Disclosure Tablib
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2017-7914 HIGH Act Now

A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Rockwell Information Disclosure Panelview Plus 6 700 1500 Firmware
NVD
CVSS 3.0
8.6
EPSS
12.6%
CVE-2017-8907 HIGH This Week

Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Atlassian Authentication Bypass Bamboo
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2017-0663 HIGH This Week

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2017-0637 HIGH PATCH This Week

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Google Android
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2017-0638 HIGH This Week

A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google RCE Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-0648 HIGH This Week

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-7910 HIGH This Week

A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Wind Analysis
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-4981 HIGH This Week

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Cert C
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2017-0649 HIGH This Week

An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0636 HIGH This Week

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy