Skip to main content
CVE-2017-9602 CRITICAL POC Act Now

KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer.aspx?id=/Uploads file-management component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Kbvault Mysql
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
7.4%
CVE-2017-9097 CRITICAL PATCH Act Now

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0,. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Antiweb
NVD GitHub
CVSS 3.0
9.1
EPSS
9.5%
CVE-2017-9728 CRITICAL Act Now

In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Uclibc
NVD
CVSS 3.0
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy