Skip to main content
CVE-2017-11395 HIGH POC PATCH This Week

Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Trend Micro Command Injection Smart Protection Server
NVD
CVSS 3.0
8.8
EPSS
8.5%
CVE-2017-14705 HIGH POC This Week

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Microsoft Command Injection I Suite Web Application Firewall
NVD GitHub
CVSS 3.0
8.1
EPSS
4.4%
CVE-2017-14686 HIGH POC This Week

Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Microsoft Denial Of Service Mupdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-14687 HIGH POC This Week

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft Mupdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-14685 HIGH POC This Week

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft Mupdf
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14081 HIGH PATCH Act Now

Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.3%.

RCE Trend Micro Command Injection Mobile Security
NVD
CVSS 3.0
8.8
EPSS
13.3%
CVE-2017-14079 HIGH PATCH Act Now

Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.2%.

RCE Trend Micro File Upload Mobile Security
NVD
CVSS 3.0
8.8
EPSS
13.2%
CVE-2017-8007 HIGH This Week

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Emc M R Emc Storage Monitoring And Reporting Emc Vipr Srm Emc Vnx Monitoring And Reporting
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2017-3770 HIGH This Week

Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Xclarity Administrator
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-6277 HIGH This Week

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Microsoft Gpu Driver
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-6272 HIGH This Week

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Gpu Driver
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14694 HIGH This Week

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Foxit Reader
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14692 HIGH This Week

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Stdu Viewer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14690 HIGH This Week

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Stdu Viewer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14693 HIGH This Week

IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Irfanview
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14691 HIGH This Week

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stdu Viewer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14689 HIGH This Week

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stdu Viewer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-14688 HIGH This Week

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Stdu Viewer
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-6268 HIGH This Week

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Microsoft Gpu Driver
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-6269 HIGH This Week

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Microsoft Gpu Driver
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8012 HIGH This Week

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Java Emc M R Emc Storage Monitoring And Reporting Emc Vipr Srm +1
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2017-11396 HIGH PATCH This Week

Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Code Injection Trend Micro Interscan Web Security Virtual Appliance
NVD
CVSS 3.1
7.2
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy