Skip to main content
CVE-2014-0750 HIGH POC THREAT Act Now

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 37.6%.

Path Traversal RCE Intelligent Platforms Proficy Hmi 2Fscada Cimplicity Intelligent Platforms Proficy Hmi Scada Cimplicity Intelligent Platforms Proficy Process Systems With Cimplicity
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
37.6%
Threat
4.1
CVE-2014-1202 CRITICAL POC PATCH THREAT Act Now

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 17.3%.

Code Injection Java RCE Soapui
NVD Exploit-DB GitHub
CVSS 2.0
9.3
EPSS
17.3%
CVE-2014-1670 MEDIUM POC THREAT This Month

The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS response. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 29.2%.

Code Injection Google Microsoft RCE Bing
NVD
CVSS 2.0
6.8
EPSS
29.2%
CVE-2014-0751 MEDIUM This Month

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Intelligent Platforms Proficy Hmi 2Fscada Cimplicity Intelligent Platforms Proficy Hmi Scada Cimplicity Intelligent Platforms Proficy Process Systems With Cimplicity
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2014-0678 MEDIUM This Month

The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Secure Access Control System
NVD
CVSS 2.0
5.5
EPSS
0.4%
CVE-2014-0673 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Video Surveillance Indoor Fixed Dome Ip Hd Camera
NVD
CVSS 2.0
4.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy