Skip to main content
CVE-2017-15222 CRITICAL POC THREAT Emergency

Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 81.6%.

Buffer Overflow RCE Nftp
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
81.6%
Threat
5.9
CVE-2014-1203 CRITICAL POC THREAT Emergency

The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 56.1%.

PHP Command Injection Eyou
NVD
CVSS 3.1
9.8
EPSS
56.1%
Threat
5.1
CVE-2017-15081 CRITICAL POC Act Now

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Php Melody
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
7.3%
CVE-2015-5171 CRITICAL PATCH Act Now

The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Elastic Information Disclosure Cf Release Cloud Foundry Elastic Runtime Cloud Foundry Uaa
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2015-5172 CRITICAL PATCH Act Now

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Elastic Information Disclosure Cf Release Cloud Foundry Elastic Runtime Cloud Foundry Uaa
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2017-14695 CRITICAL PATCH Act Now

Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Salt
NVD GitHub
CVSS 3.0
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy