Skip to main content
CVE-2017-14627 HIGH POC THREAT Act Now

Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.2%.

Buffer Overflow RCE Labelprint
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
50.2%
Threat
4.6
CVE-2017-14719 HIGH PATCH Act Now

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 50.7%.

Path Traversal WordPress
NVD
CVSS 3.0
7.5
EPSS
50.7%
CVE-2017-14722 HIGH PATCH Act Now

Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 30.5%.

Path Traversal WordPress
NVD
CVSS 3.0
7.5
EPSS
30.5%
CVE-2017-14727 HIGH PATCH This Week

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Logger
NVD GitHub
CVSS 3.0
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy