Skip to main content
CVE-2017-12231 HIGH KEV THREAT Act Now

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Cisco Denial Of Service Apple
NVD
CVSS 3.1
7.5
EPSS
6.8%
CVE-2017-12234 HIGH KEV THREAT Act Now

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Cisco Denial Of Service Apple
NVD
CVSS 3.1
7.5
EPSS
6.5%
CVE-2017-12233 HIGH KEV THREAT Act Now

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Cisco Denial Of Service Apple
NVD
CVSS 3.1
7.5
EPSS
6.5%
CVE-2017-12237 HIGH KEV THREAT Act Now

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Cisco Denial Of Service Microsoft Apple
NVD
CVSS 3.1
7.5
EPSS
5.3%
CVE-2017-12235 HIGH KEV THREAT Act Now

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Cisco Denial Of Service Apple
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2017-14867 HIGH This Week

Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Git Debian Linux
NVD
CVSS 3.0
8.8
EPSS
6.5%
CVE-2017-12226 HIGH This Week

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Privilege Escalation Ios Xe
NVD
CVSS 3.0
8.8
EPSS
4.0%
CVE-2017-12230 HIGH This Week

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Privilege Escalation Ios Xe
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-8448 HIGH This Week

An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass X Pack
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2014-2029 HIGH PATCH This Week

The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

RCE Information Disclosure Toolkit
NVD
CVSS 3.0
8.1
EPSS
0.7%
CVE-2017-7687 HIGH PATCH This Week

When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev might crash because the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Apache Mesos
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2017-9790 HIGH PATCH This Week

When handling a libprocess message wrapped in an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev crashes if the request path is empty,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Apache Memory Corruption Denial Of Service Use After Free Mesos
NVD
CVSS 3.0
7.5
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy