VIR Vulnerability Intelligence Relay

Search

Found 5,474 results in 842ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2015-8285 high 7.5 8.5 EXP quickheal 9y ago The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.
CVE-2017-7938 medium 6.6 7.6 EXPFIX debian debian mor-pah.net 9y ago Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other i…
CVE-2017-7692 high 8.8 9.8 EXP squirrelmail 9y ago SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit …
CVE-2017-7896 medium 6.1 7.1 EXP trendmicro 9y ago Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS.
CVE-2015-8256 medium 6.1 7.1 EXP 9y ago Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.
CVE-2017-7615 high 8.8 9.8 EXP mantisbt 9y ago MantisBT allows arbitrary password reset
CVE-2017-7690 high 7.8 8.8 EXP proxifier 9y ago Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program.
CVE-2017-6554 high 7.2 8.2 EXP quest 9y ago pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privil…
CVE-2016-5312 medium 6.5 7.5 EXP symantec 9y ago Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn paramete…
CVE-2016-5310 medium 5.5 6.5 EXP broadcomsymantec 9y ago The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec …
CVE-2016-5309 medium 5.5 6.5 EXP broadcomsymantec 9y ago The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec …
CVE-2016-1713 high 7.3 8.3 EXP vtiger 9y ago Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated…
CVE-2016-0727 high 7.8 8.8 EXPFIX ubuntu ubuntudebian debian 9y ago The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3…
CVE-2015-6568 high 8.8 9.8 EXP wolfcms 9y ago Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" …
CVE-2015-6567 high 8.8 9.8 EXP wolfcms 9y ago Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exp…
CVE-2017-7643 high 7.8 8.8 EXP proxifier 9y ago Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.
CVE-2017-7457 medium 5.0 6.0 EXP moxa 9y ago XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
CVE-2017-7456 high 7.5 8.5 EXP moxa 9y ago Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
CVE-2017-7455 high 7.5 8.5 EXP moxa 9y ago Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
CVE-2015-8356 high 8.0 9.0 EXP bitrix_project 9y ago Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to adm…
CVE-2017-7725 medium 6.1 7.1 EXP concretecms 9y ago Concrete CMS vulnerable to cross-site scripting (XSS)
CVE-2016-1915 medium 6.1 7.1 EXP blackberry 9y ago Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale pa…
CVE-2016-1914 high 8.8 9.8 EXP blackberry 9y ago Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrar…
CVE-2015-8284 high 8.8 9.8 EXP seawell_networks 9y ago SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.
CVE-2015-8283 medium 6.5 7.5 EXP seawell_networks 9y ago Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.
CVE-2015-7563 high 8.8 9.8 EXP teampass 9y ago Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user.
CVE-2015-7562 medium 6.1 7.1 EXP teampass 9y ago TeamPass vulnerable to Cross-site Scripting
CVE-2017-3064 high 7.8 8.8 EXP linux-kernelwindows windowsmacos macos adobe 9y ago Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3006 high 8.8 9.8 EXP adobe 9y ago Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
CVE-2017-0211 medium 5.5 6.5 EXP windows windows 9y ago An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when …
CVE-2017-0202 high 7.5 8.5 EXP microsoft 9y ago A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrar…
CVE-2017-0167 medium 5.5 6.5 EXP windows windows 9y ago An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory…
CVE-2017-0165 high 7.8 8.8 EXP windows windows 9y ago An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handle…
CVE-2017-0160 high 7.8 8.8 EXP microsoft 9y ago Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
CVE-2017-0058 medium 4.7 5.7 EXP windows windows 9y ago A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability co…
CVE-2015-7893 high 8.8 9.8 EXP 9y ago SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
CVE-2017-6088 high 7.2 8.2 EXP eyesofnetwork 9y ago Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (…
CVE-2017-7461 medium 4.9 5.9 EXP 9y ago Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a v…
CVE-2017-7185 high 7.5 8.5 EXP cesanta 9y ago Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows r…
CVE-2017-5607 low 3.5 4.5 EXP splunk 9y ago Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 a…
CVE-2017-6190 high 7.5 8.5 EXP 9y ago Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. (dot dot) in a "GET /uir/" r…
CVE-2015-8258 high 7.5 8.5 EXP 9y ago AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."
CVE-2015-8255 high 8.8 9.8 EXP 9y ago AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.
CVE-2017-6019 high 7.5 8.5 EXP 9y ago An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.
CVE-2017-0569 high 7.0 8.0 EXP linux-kernel 9y ago An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…
CVE-2016-7786 high 8.8 9.8 EXP 9y ago Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. …
CVE-2017-7571 high 8.0 9.0 EXP ladybirdweb 9y ago public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.
CVE-2017-7447 high 8.8 9.8 EXP helpdezk 9y ago HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
CVE-2017-7446 high 8.8 9.8 EXP helpdezk 9y ago HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
CVE-2017-6340 medium 5.4 6.4 EXP trendmicro 9y ago Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious J…
CVE-2017-6339 medium 6.5 7.5 EXP trendmicro 9y ago Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by default, IWSVA acts as a private Certificate A…
CVE-2017-6338 medium 6.5 7.5 EXP trendmicro 9y ago Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Audit…
CVE-2016-9091 high 7.2 8.2 EXP bluecoat 9y ago Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious ad…
CVE-2017-7358 high 7.3 8.3 EXPFIX arch archdebian debianubuntu ubuntu lightdm_project 9y ago In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user …
CVE-2017-2671 medium 5.5 6.5 EXPFIX slesdebian debian linux-kernel 9y ago The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which al…
CVE-2017-7398 high 8.8 9.8 EXP 9y ago D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an attacker to perform an unwanted action on a wireless router for which the user/admin i…
CVE-2017-7228 high 8.2 9.2 EXPFIX debian debian 9y ago An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, al…
CVE-2017-7397 high 7.5 8.5 EXP 9y ago BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This…
CVE-2014-1677 high 7.5 8.5 EXP 9y ago Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information.
CVE-2017-1001000 high 7.5 8.5 EXPFIX debian debian wordpress 9y ago The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows …
CVE-2016-8769 medium 6.7 7.7 EXP 9y ago Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file …
CVE-2014-3222 high 7.0 8.0 EXP huawei 9y ago In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key…
CVE-2017-2490 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2489 medium 5.5 6.5 EXP macos macos 9y ago An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from…
CVE-2017-2483 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2482 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2480 medium 6.5 7.5 EXP macos macos apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tv…
CVE-2017-2479 medium 6.5 7.5 EXPFIX macos macos apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tv…
CVE-2017-2478 high 7.0 8.0 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2476 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2474 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2473 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2472 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2471 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-…
CVE-2017-2470 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2469 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2468 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2466 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2464 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2460 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2459 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2457 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitr…
CVE-2017-2456 high 7.0 8.0 EXP macos macos 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the …
CVE-2017-2455 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2454 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2447 high 8.1 9.1 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2446 high 8.8 9.8 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2445 medium 6.1 7.1 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2017-2443 high 7.8 8.8 EXP macos macos 9y ago An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privi…
CVE-2017-2442 medium 6.5 7.5 EXPFIX macos macosdebian debian apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attacke…
CVE-2017-2388 medium 5.5 6.5 EXP macos macos 9y ago An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointe…
CVE-2017-2367 medium 6.5 7.5 EXP macos macos apple 9y ago An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remo…
CVE-2015-4624 high 7.5 8.5 EXP 9y ago Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
CVE-2017-6412 high 8.1 9.1 EXP sophos 9y ago In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
CVE-2017-7310 high 7.8 8.8 EXP flexense 9y ago A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Se…
CVE-2017-7308 high 7.8 8.8 EXPFIX slesdebian debian linux-kernel 9y ago The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (in…
CVE-2017-7285 high 7.5 8.5 EXP 9y ago A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, prevent…
CVE-2017-5671 high 8.8 9.8 EXP 9y ago Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, whic…
CVE-2017-7183 high 7.5 8.5 EXP extraputty 9y ago The TFTP server in ExtraPuTTY 0.30 and earlier allows remote attackers to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
CVE-2016-10225 high 7.8 8.8 EXP 9y ago The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.