Skip to main content
CVE-2012-0025 MEDIUM POC THREAT This Month

Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 22.4%.

Denial Of Service Flashpix Plugin
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
22.4%
CVE-2012-5417 CRITICAL Act Now

Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Prime Data Center Network Manager
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2012-5416 HIGH This Week

Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Meetingplace
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2012-4498 HIGH PATCH This Week

The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Activism
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2012-4486 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Subuser
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4487 MEDIUM PATCH This Month

The Subuser module before 6.x-1.8 for Drupal does not properly check "switch subuser" permissions, which allows remote authenticated parent users to change their role by switching to a subuser they. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Subuser
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2012-4497 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the "3 slide gallery" in the Elegant Theme module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes". Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Elegant Theme
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2012-4493 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the administrative interface in the Better Revisions module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer better. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Better Revisions
NVD
CVSS 2.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy