Skip to main content
CVE-2017-16651 HIGH POC KEV PATCH THREAT Act Now

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Authentication Bypass Path Traversal Information Disclosure
NVD GitHub
CVSS 3.1
7.8
EPSS
33.3%
Threat
5.6
CVE-2017-16669 HIGH POC PATCH This Week

coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Graphicsmagick Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-16757 HIGH POC This Week

Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vpn
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-16671 HIGH This Week

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Asterisk Certified Asterisk
NVD
CVSS 3.0
8.8
EPSS
3.6%
CVE-2017-16674 HIGH PATCH This Week

Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command. Rated high severity (CVSS 8.0).

Microsoft Information Disclosure Windows Agent
NVD
CVSS 3.0
8.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy