Skip to main content
CVE-2017-14135 CRITICAL POC THREAT Emergency

enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 90.1%.

Command Injection Opendreambox
NVD
CVSS 3.0
9.8
EPSS
90.1%
Threat
6.2
CVE-2017-14138 CRITICAL POC Act Now

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-14123 HIGH POC PATCH This Week

Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP File Upload Zoho Manageengine Firewall Analyzer
NVD
CVSS 3.1
8.8
EPSS
4.4%
CVE-2017-14127 CRITICAL Act Now

Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Command Injection Td5336 Firmware
NVD
CVSS 3.0
9.8
EPSS
13.5%
CVE-2017-14132 MEDIUM POC This Month

JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Jasper Debian Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
CVE-2017-14136 MEDIUM POC PATCH This Month

OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Opencv Debian Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
CVE-2017-14126 MEDIUM POC This Month

The Participants Database plugin before 1.7.5.10 for WordPress has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Participants Database
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
2.4%
CVE-2017-14139 MEDIUM POC This Month

ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-14137 HIGH PATCH This Week

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-14130 MEDIUM PATCH This Month

The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Binutils
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-14129 MEDIUM PATCH This Month

The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Binutils
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2017-14128 MEDIUM PATCH This Month

The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Binutils
NVD
CVSS 3.0
5.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy