Skip to main content
CVE-2017-7411 HIGH POC THREAT Act Now

An issue was discovered in Enalean Tuleap 9.6 and prior versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.9%.

RCE Code Injection Deserialization PHP Tuleap
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
73.9%
Threat
5.5
CVE-2015-0224 HIGH PATCH Act Now

qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 56.0%.

Denial Of Service Apache Qpid
NVD
CVSS 3.0
7.5
EPSS
56.0%
CVE-2017-15921 HIGH POC This Week

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Anti Malware Online Security Pro
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
9.7%
CVE-2017-15920 HIGH POC This Week

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Anti Malware Online Security Pro
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
9.7%
CVE-2017-9377 HIGH PATCH This Week

A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Clickshare Csm 1 Firmware Clickshare Csc 1 Firmware
NVD
CVSS 3.0
8.8
EPSS
5.7%
CVE-2016-3090 HIGH PATCH This Week

The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Apache Struts
NVD
CVSS 3.0
8.8
EPSS
2.2%
CVE-2013-4246 HIGH PATCH This Week

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Apache Subversion
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2015-0226 HIGH PATCH This Week

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Wss4J
NVD
CVSS 3.0
7.5
EPSS
5.2%
CVE-2012-0881 HIGH PATCH This Week

Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Java Apache Xerces2 Java
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2017-9450 HIGH This Week

The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Amazon Web Services Cloudformation Bootstrap Bootstrap
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2014-0072 HIGH PATCH This Week

ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordova 2.4.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apple Apache Information Disclosure Cordova File Transfer Cordova
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2017-14919 HIGH This Week

Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Node.js Node Js
NVD VulDB
CVSS 3.0
7.5
EPSS
0.8%
CVE-2014-0115 HIGH PATCH This Week

Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Apache Storm
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2014-3526 HIGH PATCH This Week

Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apache Information Disclosure Wicket
NVD
CVSS 3.1
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy