Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-03-31 CVE-2017-3010 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine.
network
low complexity
adobe CWE-119
critical
 9.8
9.8
2017-03-31 CVE-2014-5009 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
 9.8
9.8
2017-03-31 CVE-2014-5008 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat debian CWE-77
critical
 9.8
9.8
2017-03-31 CVE-2014-3931 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Multi-Router Looking Glass Project Multi-Router Looking Glass 5.4.1
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.
network
low complexity
multi-router-looking-glass-project CWE-119
critical
 9.8
9.8
2017-03-31 CVE-2008-7313 Command Injection vulnerability in multiple products
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
 9.8
9.8
2017-03-30 CVE-2017-6182 OS Command Injection vulnerability in Sophos web Appliance
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
network
low complexity
sophos CWE-78
critical
 9.8
9.8
2017-03-30 CVE-2014-9826 7PK - Errors vulnerability in Imagemagick
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
network
low complexity
imagemagick CWE-388
critical
 9.8
9.8
2017-03-30 CVE-2017-7324 Code Injection vulnerability in Modx Revolution
setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the core_path parameter.
network
low complexity
modx CWE-94
critical
 9.8
9.8
2017-03-30 CVE-2017-7321 Code Injection vulnerability in Modx Revolution
setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the config_key parameter to the setup/index.php?action=welcome URI.
network
low complexity
modx CWE-94
critical
 9.8
9.8
2017-03-30 CVE-2017-7318 Unspecified vulnerability in Siklu Etherhaul Firmware 3.7.0/6.0/7.3.0
Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability.
network
low complexity
siklu
critical
 9.8
9.8