Skip to main content
CVE-2017-8797 HIGH PATCH Act Now

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 30.4%.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.1
7.5
EPSS
30.4%
CVE-2017-8894 HIGH POC This Week

AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Request Smuggling Information Disclosure Aeroadmin
NVD
CVSS 3.0
8.1
EPSS
0.9%
CVE-2017-10790 HIGH POC This Week

The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libtasn1
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-8893 HIGH POC This Week

AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Aeroadmin
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-0377 HIGH PATCH This Week

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Tor
NVD GitHub
CVSS 3.0
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy