| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10324 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c. | ||
| CVE-2014-7921 | Cri | 0.64 | 9.8 | 0.01 | Apr 13, 2017 | mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | ||
| CVE-2014-7920 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. | ||
| CVE-2016-6143 | Cri | 0.64 | 9.8 | 0.04 | Apr 13, 2017 | SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | ||
| CVE-2016-4800 | Cri | 0.64 | 9.8 | 0.06 | Apr 13, 2017 | The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. | ||
| CVE-2016-2555 | Cri | 0.73 | 9.8 | 0.80 | Apr 13, 2017 | SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php. | ||
| CVE-2015-8282 | Cri | 0.67 | 9.8 | 0.07 | Apr 13, 2017 | SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account. | ||
| CVE-2015-8271 | Cri | 0.64 | 9.8 | 0.06 | Apr 13, 2017 | The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code. | ||
| CVE-2015-6674 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836. | ||
| CVE-2017-7628 | Cri | 0.64 | 9.8 | 0.01 | Apr 13, 2017 | The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability). | ||
| CVE-2017-7280 | Cri | 0.64 | 9.8 | 0.06 | Apr 12, 2017 | An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable. | ||
| CVE-2017-7279 | Cri | 0.64 | 9.8 | 0.04 | Apr 12, 2017 | An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login. | ||
| CVE-2016-4337 | Cri | 0.67 | 9.8 | 0.02 | Apr 12, 2017 | SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action. | ||
| CVE-2015-7564 | Cri | 0.60 | 9.8 | 0.03 | Apr 12, 2017 | Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b)… | ||
| CVE-2016-6808 | Cri | 0.65 | 9.8 | 0.19 | Apr 12, 2017 | Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. | ||
| CVE-2017-7722 | Cri | 0.69 | 10.0 | 0.13 | Apr 12, 2017 | In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker… | ||
| CVE-2017-7719 | Cri | 0.64 | 9.8 | 0.02 | Apr 12, 2017 | SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | ||
| CVE-2017-3063 | Cri | 0.64 | 9.8 | 0.09 | Apr 12, 2017 | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-3062 | Cri | 0.64 | 9.8 | 0.10 | Apr 12, 2017 | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-3061 | Cri | 0.69 | 9.8 | 0.25 | Apr 12, 2017 | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-3060 | Cri | 0.64 | 9.8 | 0.08 | Apr 12, 2017 | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-3059 | Cri | 0.64 | 9.8 | 0.10 | Apr 12, 2017 | Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-3037 | Cri | 0.64 | 9.8 | 0.06 | Apr 12, 2017 | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2989 | Cri | 0.59 | 9.1 | 0.04 | Apr 12, 2017 | Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database. | ||
| CVE-2017-7588 | Cri | 0.69 | 9.8 | 0.34 | Apr 12, 2017 | On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW… | ||
| CVE-2016-7552 | Cri | 0.74 | 9.8 | 0.93 | Apr 12, 2017 | On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. | ||
| CVE-2016-7547 | Cri | 0.74 | 9.8 | 0.93 | Apr 12, 2017 | A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. | ||
| CVE-2017-7695 | Cri | 0.64 | 9.8 | 0.02 | Apr 11, 2017 | Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code. | ||
| CVE-2017-7691 | Cri | 0.64 | 9.8 | 0.02 | Apr 11, 2017 | A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. | ||
| CVE-2017-7689 | Cri | 0.64 | 9.8 | 0.06 | Apr 11, 2017 | A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. | ||
| CVE-2013-6647 | Cri | 0.64 | 9.8 | 0.01 | Apr 11, 2017 | A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | ||
| CVE-2016-1908 | Cri | 0.65 | 9.8 | 0.14 | Apr 11, 2017 | The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging… | ||
| CVE-2016-0779 | Cri | 0.64 | 9.8 | 0.10 | Apr 11, 2017 | The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object. | ||
| CVE-2017-7462 | Cri | 0.68 | 9.8 | 0.13 | Apr 11, 2017 | Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. | ||
| CVE-2017-7625 | Cri | 0.64 | 9.8 | 0.03 | Apr 10, 2017 | In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code. | ||
| CVE-2017-7239 | Cri | 0.64 | 9.8 | 0.04 | Apr 10, 2017 | Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename. | ||
| CVE-2017-5983 | Cri | 0.65 | 9.8 | 0.16 | Apr 10, 2017 | The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. | ||
| CVE-2016-6878 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang. | ||
| CVE-2016-10311 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | ||
| CVE-2015-7826 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com. | ||
| CVE-2016-10321 | — | Cri | 0.57 | 9.8 | 0.03 | Apr 10, 2017 | web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks. | |
| CVE-2016-5074 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | CloudView NMS before 2.10a has a format string issue exploitable over SNMP. | ||
| CVE-2016-5070 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext. | ||
| CVE-2016-5069 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL. | ||
| CVE-2016-5068 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests. | ||
| CVE-2016-5066 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user. | ||
| CVE-2016-5065 | Cri | 0.64 | 9.8 | 0.03 | Apr 10, 2017 | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection. | ||
| CVE-2016-5053 | Cri | 0.64 | 9.8 | 0.03 | Apr 10, 2017 | OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. | ||
| CVE-2015-7292 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2017 | Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv. | ||
| CVE-2015-7273 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. |
- risk 0.64cvss 9.8epss 0.02
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.
- risk 0.64cvss 9.8epss 0.01
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.
- risk 0.64cvss 9.8epss 0.02
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.
- risk 0.64cvss 9.8epss 0.04
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
- risk 0.64cvss 9.8epss 0.06
The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes.
- risk 0.73cvss 9.8epss 0.80
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
- risk 0.67cvss 9.8epss 0.07
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
- risk 0.64cvss 9.8epss 0.06
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.
- risk 0.64cvss 9.8epss 0.01
The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).
- risk 0.64cvss 9.8epss 0.06
An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable.
- risk 0.64cvss 9.8epss 0.04
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the "token" cookie issued at login.
- risk 0.67cvss 9.8epss 0.02
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
- risk 0.60cvss 9.8epss 0.03
Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b)…
- risk 0.65cvss 9.8epss 0.19
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
- risk 0.69cvss 10.0epss 0.13
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker…
- risk 0.64cvss 9.8epss 0.02
SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php.
- risk 0.64cvss 9.8epss 0.09
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.10
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
- risk 0.69cvss 9.8epss 0.25
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.08
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.10
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.06
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
- risk 0.59cvss 9.1epss 0.04
Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database.
- risk 0.69cvss 9.8epss 0.34
On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW…
- risk 0.74cvss 9.8epss 0.93
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.
- risk 0.74cvss 9.8epss 0.93
A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface.
- risk 0.64cvss 9.8epss 0.02
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.
- risk 0.64cvss 9.8epss 0.02
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592.
- risk 0.64cvss 9.8epss 0.06
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.
- risk 0.64cvss 9.8epss 0.01
A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.
- risk 0.65cvss 9.8epss 0.14
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging…
- risk 0.64cvss 9.8epss 0.10
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.
- risk 0.68cvss 9.8epss 0.13
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory.
- risk 0.64cvss 9.8epss 0.03
In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.
- risk 0.64cvss 9.8epss 0.04
Ninka before 1.3.2 might allow remote attackers to obtain sensitive information, manipulate license compliance scan results, or cause a denial of service (process hang) via a crafted filename.
- risk 0.65cvss 9.8epss 0.16
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
- risk 0.64cvss 9.8epss 0.01
The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
- risk 0.64cvss 9.8epss 0.02
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
- risk 0.64cvss 9.8epss 0.01
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
- risk 0.57cvss 9.8epss 0.03
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks.
- risk 0.64cvss 9.8epss 0.01
CloudView NMS before 2.10a has a format string issue exploitable over SNMP.
- risk 0.64cvss 9.8epss 0.01
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
- risk 0.64cvss 9.8epss 0.01
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
- risk 0.64cvss 9.8epss 0.02
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
- risk 0.64cvss 9.8epss 0.02
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
- risk 0.64cvss 9.8epss 0.03
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
- risk 0.64cvss 9.8epss 0.03
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.
- risk 0.64cvss 9.8epss 0.02
Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.
- risk 0.64cvss 9.8epss 0.01
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.