Lucene search
K
Vulncheck KevRecent

4985 matches found

VulnCheck KEV
VulnCheck KEV
•added 2022/03/16 12:0 a.m.•4 views

VulnCheck KEV: CVE-2018-0147

A vulnerability in Java deserialization used by Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software...

10CVSS7.6AI score0.18554EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•4 views

VulnCheck KEV: CVE-2019-1064

A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

7.8CVSS7.1AI score0.06886EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•2 views

VulnCheck KEV: CVE-2017-0101

A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory...

7.8CVSS7.1AI score0.57482EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•6 views

VulnCheck KEV: CVE-2019-0543

A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

7.8CVSS7.1AI score0.04718EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•3 views

VulnCheck KEV: CVE-2019-0841

A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

7.8CVSS6.9AI score0.414EPSS
Exploits19References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•6 views

VulnCheck KEV: CVE-2016-3309

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode...

7.8CVSS7.3AI score0.20625EPSS
Exploits8References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•4 views

VulnCheck KEV: CVE-2019-1253

A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions...

7.8CVSS6.8AI score0.11616EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•3 views

VulnCheck KEV: CVE-2019-1129

A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

7.8CVSS7.1AI score0.01782EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•5 views

VulnCheck KEV: CVE-2019-1315

A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status...

7.8CVSS6.9AI score0.03478EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/15 12:0 a.m.•4 views

VulnCheck KEV: CVE-2020-5135

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service DoS and potentially execute arbitrary code by sending a malicious request to the firewall...

9.8CVSS8AI score0.26869EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/08 12:0 a.m.•3 views

VulnCheck KEV: CVE-2022-26143

A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system...

9.8CVSS7.3AI score0.87565EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/08 12:0 a.m.•9 views

VulnCheck KEV: CVE-2021-44207

Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel...

8.1CVSS7.9AI score0.17578EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/07 12:0 a.m.•5 views

VulnCheck KEV: CVE-2021-22600

Linux Kernel contains a flaw in the packet socket AFPACKET implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service DoS or possibly for privilege escalation...

7.2CVSS6.9AI score0.05918EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/07 12:0 a.m.•7 views

VulnCheck KEV: CVE-2021-39793

Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege...

7.8CVSS6.7AI score0.00726EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/07 12:0 a.m.•5 views

VulnCheck KEV: CVE-2021-22941

Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller...

10CVSS7.4AI score0.53585EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/06 12:0 a.m.•4 views

VulnCheck KEV: CVE-2022-26134

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution...

9.8CVSS7.9AI score0.99999EPSS
Exploits75References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/06 12:0 a.m.•9 views

VulnCheck KEV: CVE-2022-24706

Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...

10CVSS6.9AI score0.92335EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/05 12:0 a.m.•3 views

VulnCheck KEV: CVE-2022-26486

Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution...

9.6CVSS7.3AI score0.02349EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/05 12:0 a.m.•4 views

VulnCheck KEV: CVE-2022-26485

Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution...

8.8CVSS7.3AI score0.14261EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2018-0167

There is a buffer overflow vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code...

8.8CVSS7.7AI score0.03449EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•6 views

VulnCheck KEV: CVE-2018-0173

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets can allow for denial-of-service DoS...

8.6CVSS7.2AI score0.07613EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12232

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service...

6.5CVSS6.6AI score0.02171EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2018-0155

A vulnerability in the Bidirectional Forwarding Detection BFD offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service DoS condition...

8.6CVSS7.3AI score0.07747EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2011-1889

A remote code execution vulnerability exists in the Forefront Threat Management Gateway TMG Firewall Client Winsock provider that could allow code execution in the security context of the client application...

10CVSS6.4AI score0.48368EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2020-11899

The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability...

5.4CVSS6.9AI score0.18564EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•2 views

VulnCheck KEV: CVE-2022-20701

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...

10CVSS7.5AI score0.09747EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2018-0174

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service DoS...

8.6CVSS7.2AI score0.07613EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2022-20699

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...

10CVSS7.7AI score0.72458EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•6 views

VulnCheck KEV: CVE-2018-0151

A vulnerability in the quality of service QoS subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges...

10CVSS7.6AI score0.14204EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-6627

A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service...

7.5CVSS7.2AI score0.06042EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2019-1297

A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory...

9.3CVSS7.7AI score0.21805EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2018-0175

Format string vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated...

8CVSS7.5AI score0.03577EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•2 views

VulnCheck KEV: CVE-2014-0496

Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution...

10CVSS5.9AI score0.40243EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12238

A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service...

6.5CVSS6.6AI score0.02034EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•2 views

VulnCheck KEV: CVE-2017-12240

The Dynamic Host Configuration Protocol DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system...

10CVSS7.7AI score0.13521EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-8540

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft...

9.3CVSS7.1AI score0.71961EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•2 views

VulnCheck KEV: CVE-2017-6737

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...

9CVSS7.3AI score0.42632EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2018-0158

A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...

8.6CVSS7.3AI score0.07194EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2017-6744

The Simple Network Management Protocol SNMP subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a...

9CVSS7.4AI score0.07158EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service DoS condition...

7.8CVSS7.1AI score0.08369EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12231

A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service...

7.8CVSS7.1AI score0.06938EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2019-16928

Exim contains an out-of-bounds write vulnerability which can allow for remote code execution...

9.8CVSS7.7AI score0.41589EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2018-0159

A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...

7.8CVSS7.1AI score0.06874EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•11 views

VulnCheck KEV: CVE-2017-12233

There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

7.8CVSS7.1AI score0.06938EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•7 views

VulnCheck KEV: CVE-2017-6663

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service DoS...

6.5CVSS6.6AI score0.02135EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12237

A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service...

7.8CVSS7.1AI score0.06938EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•3 views

VulnCheck KEV: CVE-2018-0154

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition...

7.8CVSS7.1AI score0.07074EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12234

There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

7.8CVSS7.1AI score0.06938EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...

7.8CVSS7.1AI score0.06938EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2022/03/03 12:0 a.m.•4 views

VulnCheck KEV: CVE-2022-20708

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...

10CVSS7.4AI score0.14863EPSS
Exploits0References1
Total number of security vulnerabilities4985