Skip to main content
CVE-2017-0176 HIGH POC PATCH THREAT Act Now

A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 70.2%.

Buffer Overflow RCE Microsoft Windows Server 2003 Windows Xp
NVD
CVSS 3.0
8.1
EPSS
70.2%
Threat
5.2
CVE-2017-3629 HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.4%.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
29.4%
CVE-2017-9776 HIGH PATCH This Week

Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Denial Of Service Buffer Overflow Poppler Debian Linux +6
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2017-0897 HIGH This Week

ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Expressionengine
NVD
CVSS 3.0
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy