Skip to main content
CVE-2017-14375 CRITICAL Act Now

EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emc Unisphere Solutions Enabler Vasa Vmax Emanagement
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2017-1000121 CRITICAL PATCH Act Now

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Apple Buffer Overflow Webkitgtk
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-14027 CRITICAL Act Now

A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jetnet5018G Firmware Jetnet5310G Firmware Jetnet5428G 2G 2Fx Firmware Jetnet5628G Firmware +5
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-14021 CRITICAL Act Now

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jetnet5018G Firmware Jetnet5310G Firmware Jetnet5428G 2G 2Fx Firmware Jetnet5628G Firmware +5
NVD
CVSS 3.0
9.8
EPSS
0.1%
CVE-2017-1000245 CRITICAL PATCH Act Now

The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure SSH
NVD
CVSS 3.0
9.8
EPSS
0.1%
CVE-2017-15535 CRITICAL Act Now

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure MongoDB
NVD
CVSS 3.0
9.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy