Skip to main content
CVE-2012-6330 MEDIUM POC THREAT This Month

The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.3%.

Denial Of Service Twiki Foswiki
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
73.3%
Threat
4.7
CVE-2012-5976 MEDIUM This Month

Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.7% and no vendor patch available.

Buffer Overflow Denial Of Service Asterisk Certified Asterisk
NVD
CVSS 2.0
5.0
EPSS
29.7%
CVE-2012-6497 MEDIUM POC PATCH This Month

The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Rails
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2012-5581 MEDIUM This Month

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Libtiff
NVD
CVSS 2.0
6.8
EPSS
1.6%
CVE-2012-0861 MEDIUM This Month

The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents. Rated medium severity (CVSS 6.8). No vendor patch available.

Python Red Hat RCE Enterprise Virtualization Manager
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2012-0860 MEDIUM This Month

Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1). Rated medium severity (CVSS 6.2). No vendor patch available.

Python Red Hat Information Disclosure Enterprise Virtualization Manager
NVD
CVSS 2.0
6.2
EPSS
0.1%
CVE-2012-5603 MEDIUM This Month

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users'. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
5.5
EPSS
0.3%
CVE-2012-5977 MEDIUM This Month

Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Asterisk Certified Asterisk
NVD
CVSS 2.0
4.3
EPSS
1.1%
CVE-2012-4543 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4556 MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache Certificate System
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2012-4555 MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache Certificate System
NVD
CVSS 2.0
4.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy