Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2016-7478 | Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. | 7.5 | 42.40% | 2017-01-11 | 2026-06-16 |
| CVE-2016-7480 | The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. | 9.8 | 41.56% | 2017-01-11 | 2026-06-16 |
| CVE-2016-7479 | In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. | 9.8 | 41.94% | 2017-01-11 | 2026-06-16 |
| CVE-2016-7481 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7482 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7484 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7485 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7486 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-7487 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2017-8310 | Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file. | 5.5 | 1.26% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8311 | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. | 7.8 | 8.77% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8312 | Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file. | 5.5 | 1.36% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8313 | Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file. | 5.5 | 1.48% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8314 | Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles. | 5.5 | 2.52% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8315 | Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml. | 7.5 | 1.69% | 2018-04-20 | 2026-06-16 |
| CVE-2018-8781 | The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. | 7.8 | 0.50% | 2018-04-23 | 2026-06-16 |
| CVE-2017-8316 | IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml. | 7.5 | 2.26% | 2018-08-03 | 2026-06-16 |
| CVE-2018-8784 | FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. | 9.8 | 7.29% | 2018-11-29 | 2026-06-16 |
| CVE-2018-8785 | FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | 9.8 | 7.29% | 2018-11-29 | 2026-06-16 |