This is a list of recent vulnerabilities for which exploits are available.
CVE, Title, Vendor
CVSS v2 Base Score
Microsoft Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Microsoft Windows SMBv3 Client/Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed.
A Remote Code Execution vulnerability exists in Nexus Repository Manager. The vulnerability allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious request to NXRM.
VMWare Workstation vmnetdhcp Denial of Service Vulnerability
VMware Workstation contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial of service condition of the vmnetdhcp service running on the host machine.
OpenWrt's opkg Man In The Middle Attack Vulnerability
A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification).