Skip to main content

Next

2 CVEs product

Monthly

CVE-2018-17137 CRITICAL POC Act Now

Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft Next
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2018-7467 HIGH POC THREAT This Week

AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Next
NVD
CVSS 3.0
7.5
EPSS
10.4%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft Next
NVD GitHub
EPSS 10% CVSS 7.5
HIGH POC THREAT This Week

AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Next
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy