Skip to main content
CVE-2018-7573 CRITICAL POC THREAT Emergency

An issue was discovered in FTPShell Client 6.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Ftpshell Client
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
69.7%
CVE-2018-7584 CRITICAL POC PATCH THREAT Act Now

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow PHP Ubuntu Linux Debian Linux
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
87.6%
CVE-2018-7561 CRITICAL POC Act Now

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Tenda Ac9 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-7047 CRITICAL Act Now

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Streaming Engine
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-2368 CRITICAL Act Now

SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SAP Netweaver System Landscape Directory
NVD
CVSS 3.0
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy