Skip to main content
CVE-2017-0176 HIGH POC PATCH THREAT Act Now

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 70.2%.

Buffer Overflow RCE Microsoft Windows Server 2003 Windows Xp
NVD
CVSS 3.0
8.1
EPSS
70.2%
Threat
5.2
CVE-2015-9098 CRITICAL POC THREAT Emergency

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 40.0%.

RCE Microsoft SQLi Sql Monitor
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
40.0%
Threat
4.7
CVE-2017-3629 HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.4%.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
29.4%
CVE-2017-9807 CRITICAL POC THREAT Emergency

An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.

RCE Python Code Injection Openwebif
NVD GitHub
CVSS 3.0
9.8
EPSS
14.0%
CVE-2017-2780 CRITICAL POC Act Now

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Matrixssl
NVD
CVSS 3.1
9.8
EPSS
4.1%
CVE-2017-2781 CRITICAL POC Act Now

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Matrixssl
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2017-3631 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2017-3630 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Memory Corruption Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2012-6706 CRITICAL POC Act Now

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow RCE Sophos Buffer Overflow Threat Detection Engine +1
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-9424 CRITICAL Act Now

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Breeze Server Net
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2017-2782 MEDIUM POC This Month

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Matrixssl
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-9776 HIGH PATCH This Week

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Poppler Debian Linux +6
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2017-0897 HIGH This Week

ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Expressionengine
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-9775 MEDIUM PATCH This Month

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Poppler Debian Linux Enterprise Linux Desktop +5
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-9815 MEDIUM This Month

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libtiff Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2016-9982 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-9747 MEDIUM PATCH This Month

IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Engineering Lifecycle Manager Rational Collaborative Lifecycle Management
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9983 MEDIUM PATCH This Month

IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Sterling B2b Integrator
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2017-1326 MEDIUM PATCH This Month

IBM Sterling File Gateway does not properly restrict user requests based on permission level. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

IBM Privilege Escalation Sterling B2b Integrator
NVD
CVSS 3.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy