Skip to main content
CVE-2017-16806 HIGH POC THREAT Act Now

The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.5%.

Path Traversal Ulterius Server
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
86.5%
Threat
5.6
CVE-2016-8610 HIGH PATCH Act Now

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 71.1%.

Denial Of Service OpenSSL Debian Linux Enterprise Linux Desktop Enterprise Linux Server +41
NVD
CVSS 3.1
7.5
EPSS
71.1%
CVE-2017-13802 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13795 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13794 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13792 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13785 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13784 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.4%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
21.4%
CVE-2017-13796 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.9%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
19.9%
CVE-2017-13791 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.9%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
19.9%
CVE-2017-13783 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.9%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
19.9%
CVE-2017-13798 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.6%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
18.6%
CVE-2017-13797 HIGH POC THREAT Act Now

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.0%.

Denial Of Service Buffer Overflow RCE Microsoft Apple +5
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
16.0%
CVE-2017-11169 HIGH POC This Week

Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ib Wra300N3Gt Firmware
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-1453 HIGH This Week

IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Command Injection Security Access Manager 9 0 Firmware
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2017-13803 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2017-13793 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2017-13788 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Microsoft Apple +6
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2017-9314 HIGH This Week

Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dahua Nvr5464 16P 4Ks2 Firmware Nvr5208 8P 4Ks2 Firmware Nvr5432 16P 4Ks2 Firmware +19
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-0904 HIGH PATCH This Week

The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and should not be relied upon for security measures,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

SSRF Private Address Check
NVD GitHub
CVSS 3.0
8.1
EPSS
0.9%
CVE-2017-1477 HIGH This Week

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE IBM Security Access Manager 9 0 Firmware
NVD
CVSS 3.0
8.1
EPSS
0.6%
CVE-2017-14711 HIGH This Week

The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credentials leak due to transmitting a username and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Bundesliga Manager
NVD
CVSS 3.0
8.1
EPSS
0.2%
CVE-2017-13816 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-13813 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-13809 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2017-7132 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Microsoft Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13824 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13825 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13814 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13812 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13807 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-13834 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-13799 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Iphone Os +3
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-13829 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-3166 HIGH PATCH This Week

In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Apache Information Disclosure Hadoop
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13833 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-14388 HIGH This Week

Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Ubuntu Information Disclosure Grootfs
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13808 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13843 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13838 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13830 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13811 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-13800 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Denial Of Service Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-14020 HIGH This Week

In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Click Plc Firmware C More Plc Firmware C More Micro Firmware Gs Drives Fimware +1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-6803 HIGH This Week

An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Apache Information Disclosure Openoffice
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-10885 HIGH This Week

Untrusted search path vulnerability in HYPER SBI Ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hyper Sbi
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-3767 HIGH This Week

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Lenovo Audio Driver Firmware
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-16803 HIGH This Week

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Libav
NVD GitHub
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-10875 HIGH This Week

I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Lan Disk Connect Firmware
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-13820 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apple Mac Os X
NVD
CVSS 3.0
7.1
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy