Skip to main content
CVE-2013-7204 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Cipcamptiwl 1 0 Firmware Cipcamptiwl
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
1.2%
CVE-2013-7243 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Getsimple Cms
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0792 HIGH PATCH This Week

Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Nexus
NVD
CVSS 2.0
7.5
EPSS
3.1%
CVE-2014-1211 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF VMware Vcloud Director
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-1207 MEDIUM This Month

VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service ESXi Esx
NVD
CVSS 2.0
4.3
EPSS
1.3%
CVE-2013-7295 MEDIUM This Month

Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

OpenSSL Intel Authentication Bypass Tor
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-1208 LOW Monitor

VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

VMware Denial Of Service ESXi Fusion Player +2
NVD
CVSS 2.0
3.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy