Skip to main content
CVE-2017-6320 HIGH POC THREAT Act Now

A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.6%.

Barracuda Command Injection Load Balancer Adc
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
28.6%
Threat
4.1
CVE-2017-11403 HIGH PATCH This Week

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Graphicsmagick
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2017-1318 HIGH This Week

IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Command Injection Mq Appliance
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-7506 HIGH This Week

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Spice
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-10961 HIGH This Week

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF File Upload Redcap
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-10708 HIGH This Week

An issue was discovered in Apport through 2.20.x. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Apport
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2017-11421 HIGH PATCH This Week

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Gnome Exe Thumbnailer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-11409 HIGH PATCH This Week

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-11407 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2017-11406 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-11408 HIGH PATCH This Week

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-11411 HIGH PATCH This Week

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2017-11410 HIGH PATCH This Week

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy