Latest CVE Feed
-
9.8
CRITICALCVE-2016-10175
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulne... Read more
- Published: Jan. 30, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2016-10174
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.... Read more
Affected Products : d7000_firmware r6220_firmware d7800_firmware r7500_firmware r7500v2_firmware wnr2000v5_firmware wnr2020_firmware d6100_firmware jnr1010v2_firmware jwnr2010v5_firmware +46 more products- Actively Exploited
- Published: Jan. 30, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5609
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.... Read more
Affected Products : serendipity- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-5608
Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.... Read more
Affected Products : piwigo- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.0
HIGHCVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticT... Read more
Affected Products : web_appliance- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.0
HIGHCVE-2016-9553
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for bl... Read more
Affected Products : web_appliance- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5486
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5485
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5484
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5483
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5482
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5342
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5341
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5205
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5204
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5203
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5202
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().... Read more
- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8575
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8574
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-7993
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).... Read more
Affected Products : tcpdump- Published: Jan. 28, 2017
- Modified: Apr. 20, 2025