Skip to main content
CVE-2017-14980 CRITICAL POC THREAT Emergency

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 74.6%.

Buffer Overflow Syncbreeze
NVD
CVSS 3.0
9.8
EPSS
74.6%
Threat
5.7
CVE-2014-0030 CRITICAL POC THREAT Emergency

The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.1%.

XXE Apache Roller
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
29.1%
Threat
4.3
CVE-2017-15226 CRITICAL POC Act Now

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zyxel Command Injection Nbg6716 Firmware
NVD
CVSS 3.0
9.8
EPSS
7.5%
CVE-2014-9474 CRITICAL Act Now

Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Gnu Mpfr
NVD
CVSS 3.0
9.8
EPSS
4.2%
CVE-2017-12861 CRITICAL Act Now

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Brute Force Information Disclosure Easymp
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2017-12860 CRITICAL Act Now

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Easymp
NVD
CVSS 3.0
9.8
EPSS
3.5%
CVE-2017-13706 CRITICAL Act Now

XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information,. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SSRF XXE Lansweeper
NVD
CVSS 3.0
9.9
EPSS
1.4%
CVE-2017-8994 CRITICAL Act Now

A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Operations Orchestration
NVD
CVSS 3.0
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy