CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2015-0666	High	53.1%	CiscoPrime Data Center Network Manager (DCNM)	Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.	Mar 25, 2022	KEV
CVE-2017-3881	High	94.3%	CiscoIOS and IOS XE	A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.	Mar 25, 2022	KEV
CVE-2014-6287	High	94.4%	RejettoHTTP File Server (HFS)	The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.	Mar 25, 2022	KEV
CVE-2016-4171	High	50.5%	AdobeFlash Player	Unspecified vulnerability in Adobe Flash Player allows for remote code execution.	Mar 25, 2022	KEV
CVE-2016-1555	High	94.3%	NETGEARWireless Access Point (WAP) Devices	Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.	Mar 25, 2022	KEV
CVE-2014-3120	High	85.6%	ElasticElasticsearch	Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.	Mar 25, 2022	KEV
CVE-2010-2861	High	94.3%	AdobeColdFusion	A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.	Mar 25, 2022	KEV
CVE-2014-6332	High	94.1%	MicrosoftWindows	OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.	Mar 25, 2022	KEV
CVE-2010-3035	High	3.2%	CiscoIOS XR	Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).	Mar 25, 2022	KEV
CVE-2013-4810	High	89.6%	Hewlett Packard (HP)ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management	HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.	Mar 25, 2022	KEV
CVE-2010-4345	High	4.0%	EximExim	Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.	Mar 25, 2022	KEV
CVE-2013-2251	High	94.3%	ApacheStruts	Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.	Mar 25, 2022	KEV
CVE-2016-10174	High	89.8%	NETGEARWNR2000v5 Router	The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.	Mar 25, 2022	KEV
CVE-2015-3035(1)	High	92.9%	TP-LinkMultiple Archer Devices	Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.	Mar 25, 2022	KEV
CVE-2015-1187	High	81.2%	D-Link and TRENDnetMultiple Devices	The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.	Mar 25, 2022	KEV
CVE-2005-2773	High	91.2%	Hewlett Packard (HP)OpenView Network Node Manager	HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.	Mar 25, 2022	KEV
CVE-2009-0927	High	93.3%	AdobeReader and Acrobat	Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.	Mar 25, 2022	KEV
CVE-2022-26318	High	92.2%	WatchGuardFirebox and XTM Appliances	On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.	Mar 25, 2022	KEV
CVE-2019-6340	High 8.1	94.4%	DrupalCore	In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.	Mar 25, 2022	KEVExploit
CVE-2020-2506	High	18.0%	QNAP SystemsHelpdesk	QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.	Mar 25, 2022	KEV

CVE-2015-0666KEV

High

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.

CiscoEPSS 53.1%

CVE-2017-3881KEV

High

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.

CiscoEPSS 94.3%

CVE-2014-6287KEV

High

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.

RejettoEPSS 94.4%

CVE-2016-4171KEV

High

Unspecified vulnerability in Adobe Flash Player allows for remote code execution.

AdobeEPSS 50.5%

CVE-2016-1555KEV

High

Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.

NETGEAREPSS 94.3%

CVE-2014-3120KEV

High

Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.

ElasticEPSS 85.6%

CVE-2010-2861KEV

High

A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.

AdobeEPSS 94.3%

CVE-2014-6332KEV

High

OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.

MicrosoftEPSS 94.1%

CVE-2010-3035KEV

High

Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).

CiscoEPSS 3.2%

CVE-2013-4810KEV

High

HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.

Hewlett Packard (HP)EPSS 89.6%

CVE-2010-4345KEV

High

Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

EximEPSS 4.0%

CVE-2013-2251KEV

High

Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.

ApacheEPSS 94.3%

CVE-2016-10174KEV

High

The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.

NETGEAREPSS 89.8%

CVE-2015-3035KEV

High

Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

TP-LinkEPSS 92.9%

CVE-2015-1187KEV

High

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.

D-Link and TRENDnetEPSS 81.2%

CVE-2005-2773KEV

High

HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.

Hewlett Packard (HP)EPSS 91.2%

CVE-2009-0927KEV

High

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.

AdobeEPSS 93.3%

CVE-2022-26318KEV

High

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.

WatchGuardEPSS 92.2%

CVE-2019-6340KEV

High

In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.

DrupalCVSS 8.1EPSS 94.4%

Exploit

CVE-2020-2506KEV

High

QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.

QNAP SystemsEPSS 18.0%

50 51 52 53 54 55 56