Skip to main content
CVE-2017-11774 HIGH POC KEV PATCH THREAT Act Now

Remote attackers can execute arbitrary code on Microsoft Outlook 2010-2016 systems by delivering a malicious file that triggers a buffer overflow when the user opens it. This vulnerability is confirmed actively exploited (CISA KEV) with publicly available exploit code, achieving an EPSS score of 84.64% (99th percentile) indicating very high real-world exploitation probability. The attack leverages Outlook's Home Page feature to bypass security controls and achieve code execution with the privileges of the logged-in user, affecting all Outlook versions from 2010 SP2 through 2016 prior to October 2017 patches.

Buffer Overflow Microsoft
NVD
CVSS 3.1
7.8
EPSS
84.6%
Threat
9.1
CVE-2017-11826 HIGH POC KEV PATCH THREAT Act Now

Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Microsoft RCE
NVD
CVSS 3.1
7.8
EPSS
90.8%
Threat
7.3
CVE-2017-11809 HIGH POC PATCH THREAT Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 78.7%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
78.7%
Threat
5.4
CVE-2017-11802 HIGH POC PATCH THREAT Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 78.7%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
78.7%
Threat
5.4
CVE-2017-11799 HIGH POC PATCH THREAT Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 78.7%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
78.7%
Threat
5.4
CVE-2017-11811 HIGH POC PATCH THREAT Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 74.0%.

Buffer Overflow RCE Microsoft Edge Chakracore
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
74.0%
Threat
5.2
CVE-2017-11810 HIGH POC PATCH THREAT Act Now

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 62.7%.

Buffer Overflow RCE Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
62.7%
Threat
4.9
CVE-2017-11793 HIGH POC PATCH THREAT Act Now

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 61.7%.

Buffer Overflow RCE Microsoft Internet Explorer
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
61.7%
Threat
4.8
CVE-2017-11763 HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.8
EPSS
40.7%
CVE-2017-11762 HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.8
EPSS
40.7%
CVE-2017-11812 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 42.3%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
42.3%
CVE-2017-11779 HIGH PATCH Act Now

The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 38.3%.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
8.1
EPSS
38.3%
CVE-2017-11769 HIGH PATCH Act Now

The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 33.9%.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
33.9%
CVE-2017-8718 HIGH PATCH Act Now

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 32.4%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.8
EPSS
32.4%
CVE-2017-8717 HIGH PATCH Act Now

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 32.4%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.8
EPSS
32.4%
CVE-2017-11825 HIGH PATCH Act Now

Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 32.4%.

Buffer Overflow RCE Microsoft Office Office For Mac
NVD
CVSS 3.0
7.8
EPSS
32.4%
CVE-2017-15012 HIGH POC This Week

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Documentum Content Server
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
4.1%
CVE-2017-15013 HIGH POC This Week

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Documentum Content Server
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.4%
CVE-2017-15276 HIGH POC This Week

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Privilege Escalation Documentum Content Server
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.6%
CVE-2017-11801 HIGH PATCH Act Now

ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.1%.

RCE Information Disclosure Chakracore
NVD
CVSS 3.0
7.5
EPSS
26.1%
CVE-2017-11797 HIGH PATCH Act Now

ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.1%.

RCE Information Disclosure Chakracore
NVD
CVSS 3.0
7.5
EPSS
26.1%
CVE-2017-11819 HIGH PATCH Act Now

Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.0%.

Buffer Overflow RCE Microsoft Windows 7
NVD
CVSS 3.0
7.5
EPSS
26.0%
CVE-2017-11821 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11808 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11807 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11806 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11805 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11796 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11792 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
24.4%
CVE-2017-11772 HIGH PATCH Act Now

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
22.7%
CVE-2017-11781 HIGH PATCH Act Now

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.8%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
21.8%
CVE-2017-8727 HIGH PATCH Act Now

Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11822 HIGH PATCH Act Now

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11813 HIGH PATCH Act Now

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11804 HIGH PATCH Act Now

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Chakracore Edge
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11800 HIGH PATCH Act Now

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11798 HIGH PATCH Act Now

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2017-11776 HIGH PATCH Act Now

Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user email content, aka "Microsoft Outlook Information Disclosure Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.6%.

Microsoft Information Disclosure Outlook
NVD
CVSS 3.0
7.5
EPSS
18.6%
CVE-2017-11786 HIGH PATCH Act Now

Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.5%.

Microsoft Information Disclosure Lync Skype For Business
NVD
CVSS 3.0
8.8
EPSS
11.5%
CVE-2017-6223 HIGH This Week

Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Zonedirector Firmware
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2017-11780 HIGH PATCH Act Now

The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 10.0%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
10.0%
CVE-2017-6224 HIGH This Week

Ruckus Wireless Zone Director Controller firmware releases ZD9.x, ZD10.0.0.x, ZD10.0.1.x (less than 10.0.1.0.17 MR1 release) and Ruckus Wireless Unleashed AP Firmware releases 200.0.x, 200.1.x,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Zonedirector Firmware Unleashed Firmware
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2016-4922 HIGH This Week

Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Juniper Command Injection Junos
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2016-4924 HIGH This Week

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-10612 HIGH This Week

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Juniper Junos Space
NVD
CVSS 3.0
8.0
EPSS
0.4%
CVE-2016-4923 HIGH This Week

Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Juniper Information Disclosure Junos
NVD
CVSS 3.0
8.0
EPSS
0.3%
CVE-2016-5789 HIGH This Week

A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Jtc 200 Firmware
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2017-11782 HIGH PATCH This Week

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
0.7%
CVE-2016-4925 HIGH This Week

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junose
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2016-4921 HIGH This Week

By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
7.5
EPSS
1.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy