Skip to main content
CVE-2017-12635 CRITICAL POC THREAT Emergency

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.1%.

Apache Privilege Escalation RCE Couchdb
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
94.1%
Threat
6.3
CVE-2017-16820 CRITICAL PATCH Act Now

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Collectd
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2017-10269 CRITICAL PATCH Act Now

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle Tuxedo
NVD
CVSS 3.0
10.0
EPSS
2.1%
CVE-2017-10272 CRITICAL PATCH Act Now

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authentication Bypass Oracle Tuxedo
NVD
CVSS 3.0
9.9
EPSS
1.3%
CVE-2017-6274 CRITICAL Act Now

An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Android
NVD
CVSS 3.0
9.8
EPSS
0.1%
CVE-2017-3891 CRITICAL Act Now

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnx Software Development Platform
NVD
CVSS 3.1
9.6
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy