Skip to main content
CVE-2012-5875 MEDIUM POC THREAT This Month

Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 27.1%.

Denial Of Service Firefly Media Server
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
27.1%
CVE-2012-5656 MEDIUM POC PATCH This Month

The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

XXE Inkscape Fedora Ubuntu Linux Opensuse
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2012-6395 MEDIUM This Month

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance Software Adaptive Security Appliance Asa 1000V Cloud Firewall +1
NVD
CVSS 2.0
6.3
EPSS
1.0%
CVE-2012-5717 MEDIUM This Month

Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service Cisco Adaptive Security Appliance Software Adaptive Security Appliance +2
NVD
CVSS 2.0
6.3
EPSS
0.3%
CVE-2012-2124 MEDIUM This Month

functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Red Hat Denial Of Service Squirrelmail Enterprise Linux
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2012-6088 MEDIUM PATCH This Month

The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Authentication Bypass Rpm
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-6359 MEDIUM This Month

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft IBM Tivoli Federated Identity Manager Tivoli Federated Identity Manager Business Gateway
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-6360 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Intelligent Operations Center 1.5.0 allows remote attackers to inject arbitrary web script or HTML via event data fields. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Intelligent Operations Center
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5531 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal in JBoss Enterprise Portal Platform 5.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Jboss Enterprise Portal Platform
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy