Latest CVE Feed
- CVE-2016-3737 (9.8 CRITICAL)
  The server in Red Hat JBoss Operations Network (JON) before 3.3.6 allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization.
  - Affected Products: jboss_operations_network
  - EPSS Score: 0.45%
  - Published: Aug. 02, 2016
  - Modified: Apr. 12, 2025
- CVE-2016-4607 (9.8 CRITICAL)
  libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have ...
  - EPSS Score: 4.74%
  - Published: Jul. 22, 2016
  - Modified: Apr. 12, 2025
- CVE-2020-16279 (9.8 CRITICAL)
  The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization.
  - Affected Products: rangeeos
  - EPSS Score: 2.52%
  - Published: Aug. 20, 2020
  - Modified: Nov. 21, 2024
- CVE-2011-1933 (9.8 CRITICAL)
  SQL injection vulnerability in Jifty::DBI before 0.68.
  - Affected Products: \
  - EPSS Score: 0.54%
  - Published: Nov. 26, 2019
  - Modified: Nov. 21, 2024
- CVE-2020-16245 (9.8 CRITICAL)
  Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code.
  - Affected Products: iview
  - EPSS Score: 15.93%
  - Published: Aug. 25, 2020
  - Modified: Nov. 21, 2024
- CVE-2011-1935 (9.8 CRITICAL)
  pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
  - Affected Products: libpcap
  - EPSS Score: 1.25%
  - Published: Oct. 20, 2017
  - Modified: Apr. 20, 2025
- CVE-2016-7983 (9.8 CRITICAL)
  The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
  - Affected Products: tcpdump
  - EPSS Score: 0.69%
  - Published: Jan. 28, 2017
  - Modified: Apr. 20, 2025
- CVE-2016-8512 (9.8 CRITICAL)
  A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
  - EPSS Score: 7.64%
  - Published: Feb. 15, 2018
  - Modified: Nov. 21, 2024
- CVE-2020-16226 (9.8 CRITICAL)
  Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
  - EPSS Score: 0.22%
  - Published: Oct. 05, 2020
  - Modified: Nov. 21, 2024
- CVE-2016-9366 (9.8 CRITICAL)
  An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ...
  - Affected Products: nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products
  - EPSS Score: 0.18%
  - Published: Feb. 13, 2017
  - Modified: Apr. 20, 2025
- CVE-2016-9849 (9.8 CRITICAL)
  An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9...
  - Affected Products: phpmyadmin
  - EPSS Score: 0.30%
  - Published: Dec. 11, 2016
  - Modified: Apr. 12, 2025
- CVE-2020-16137 (9.8 CRITICAL)
  A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an ...
  - Affected Products: unified_ip_conference_station_7937g_firmware unified_ip_conference_station_7937g
  - EPSS Score: 73.24%
  - Published: Aug. 12, 2020
  - Modified: Nov. 21, 2024
- CVE-2020-16098 (9.8 CRITICAL)
  It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6),...
  - Affected Products: command_centre
  - EPSS Score: 0.47%
  - Published: Sep. 15, 2020
  - Modified: Nov. 21, 2024
- CVE-2012-1622 (9.8 CRITICAL)
  Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.
  - Affected Products: ofbiz
  - EPSS Score: 6.48%
  - Published: Oct. 26, 2017
  - Modified: Apr. 20, 2025
- CVE-2017-0899 (9.8 CRITICAL)
  RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.
  - EPSS Score: 9.67%
  - Published: Aug. 31, 2017
  - Modified: Apr. 20, 2025
- CVE-2014-9852 (9.8 CRITICAL)
  distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
  - EPSS Score: 1.32%
  - Published: Mar. 17, 2017
  - Modified: Apr. 20, 2025
- CVE-2017-10984 (9.8 CRITICAL)
  An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.
  - Affected Products: freeradius
  - EPSS Score: 27.81%
  - Published: Jul. 17, 2017
  - Modified: Apr. 20, 2025
- CVE-2017-11139 (9.8 CRITICAL)
  GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
  - EPSS Score: 0.47%
  - Published: Jul. 10, 2017
  - Modified: Apr. 20, 2025
- CVE-2017-12065 (9.8 CRITICAL)
  spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
  - Affected Products: cacti
  - EPSS Score: 3.32%
  - Published: Aug. 01, 2017
  - Modified: Apr. 20, 2025
- CVE-2015-7705 (9.8 CRITICAL)
  The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
  - Affected Products: data_ontap oncommand_performance_manager oncommand_unified_manager ntp xenserver clustered_data_ontap simatic_cp_443-1_opc_ua_firmware tim_4r-ie_firmware tim_4r-ie_dnp3_firmware tim_4r-ie +1 more products
  - EPSS Score: 29.58%
  - Published: Aug. 07, 2017
  - Modified: Apr. 20, 2025