Skip to main content
CVE-2017-7533 HIGH POC PATCH This Week

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that. Rated high severity (CVSS 7.0). Public exploit code available.

Buffer Overflow Denial Of Service Race Condition Linux Linux Kernel
NVD GitHub Exploit-DB
CVSS 3.1
7.0
EPSS
9.4%
CVE-2017-12439 HIGH POC This Week

SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS CSRF Flash Slideshow Maker
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2017-12562 CRITICAL PATCH Act Now

Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Libsndfile Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2017-9860 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-9855 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2017-9853 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Brute Force Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware +36
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-9852 CRITICAL Act Now

An Incorrect Password Management issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-9854 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-9859 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-9861 CRITICAL Act Now

An issue was discovered in SMA Solar Technology products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-9863 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +36
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-9857 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
8.1
EPSS
0.1%
CVE-2017-9858 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-9864 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-9851 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sunny Explorer
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-9862 HIGH This Week

An issue was discovered in SMA Solar Technology products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sunny Explorer
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-12566 MEDIUM PATCH This Month

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-12563 MEDIUM PATCH This Month

In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-12565 MEDIUM PATCH This Month

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-12564 MEDIUM PATCH This Month

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-12419 MEDIUM This Month

If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks". Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Mantisbt
NVD
CVSS 3.0
4.9
EPSS
1.1%
CVE-2017-12572 MEDIUM This Month

Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Splunk
NVD
CVSS 3.0
4.8
EPSS
0.3%
CVE-2017-9856 LOW Monitor

An issue was discovered in SMA Solar Technology products. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sunny Boy 3600 Firmware Sunny Boy 5000 Firmware Sunny Tripower Core1 Firmware Sunny Tripower 15000Tl Firmware +35
NVD
CVSS 3.1
3.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy