Skip to main content
CVE-2017-3078 CRITICAL POC THREAT Emergency

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 70.0%.

Buffer Overflow RCE Adobe Flash Player
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
70.0%
Threat
5.6
CVE-2017-3077 CRITICAL POC THREAT Emergency

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.9%.

Buffer Overflow RCE Adobe Flash Player
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
53.9%
Threat
5.1
CVE-2017-3076 CRITICAL POC THREAT Emergency

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.9%.

Buffer Overflow RCE Adobe Flash Player
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
53.9%
Threat
5.1
CVE-2017-3169 CRITICAL POC THREAT Emergency

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 30.8%.

Null Pointer Dereference Denial Of Service Apache Http Server Apache HTTP Server
NVD GitHub
CVSS 3.0
9.8
EPSS
30.8%
Threat
4.4
CVE-2017-7679 CRITICAL POC PATCH THREAT Act Now

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 30.1%.

Buffer Overflow Apache Http Server Apache HTTP Server
NVD GitHub
CVSS 3.0
9.8
EPSS
30.1%
Threat
4.4
CVE-2017-3216 CRITICAL POC Act Now

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Mediatek Authentication Bypass Ox350 Firmware Bm2022 Firmware Hes 309M Firmware +11
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2017-3098 CRITICAL Act Now

Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.8% and no vendor patch available.

RCE Adobe Captivate
NVD
CVSS 3.0
9.8
EPSS
11.8%
CVE-2017-3167 CRITICAL PATCH Act Now

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Http Server Clustered Data Ontap Oncommand Unified Manager +12
NVD
CVSS 3.1
9.8
EPSS
9.6%
CVE-2017-3097 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
6.9%
CVE-2017-3092 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
6.9%
CVE-2017-3090 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
6.9%
CVE-2017-3086 CRITICAL Act Now

Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Shockwave Player
NVD
CVSS 3.0
9.8
EPSS
5.8%
CVE-2017-3088 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF runtime engine. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
10.0
EPSS
2.6%
CVE-2017-3082 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Flash Player
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2017-3079 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Flash Player
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2017-3095 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2017-3096 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2017-3094 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2017-3093 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2017-3089 CRITICAL Act Now

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Digital Editions
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2017-3083 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2017-3081 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2017-3084 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2017-3075 CRITICAL Act Now

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Adobe Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy