Skip to main content
CVE-2017-16932 HIGH PATCH Act Now

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.0%.

Denial Of Service Libxml2
NVD GitHub
CVSS 3.1
7.5
EPSS
22.0%
CVE-2017-15088 CRITICAL PATCH Act Now

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE Stack Overflow Red Hat +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2017-16931 CRITICAL PATCH Act Now

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Libxml2
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2017-13701 CRITICAL Act Now

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G512E Firmware
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-16927 HIGH PATCH This Week

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xrdp Debian Linux
NVD GitHub
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-13698 HIGH This Week

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G512E Firmware
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-13699 HIGH This Week

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G512E Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy