Skip to main content
CVE-2017-8809 CRITICAL PATCH Act Now

api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1%.

PHP Information Disclosure Mediawiki Debian Linux
NVD
CVSS 3.0
9.8
EPSS
18.1%
CVE-2017-12634 CRITICAL PATCH Act Now

The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Java Apache Camel
NVD
CVSS 3.0
9.8
EPSS
6.5%
CVE-2017-12633 CRITICAL PATCH Act Now

The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Java Apache Camel
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2017-12739 CRITICAL Act Now

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Siemens Sm 2556 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2017-5533 CRITICAL Act Now

A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jasperreports Server Jaspersoft Jaspersoft Reporting And Analytics
NVD
CVSS 3.0
9.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy