Skip to main content
CVE-2014-1694 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Otrs
NVD GitHub
CVSS 2.0
6.8
EPSS
0.6%
CVE-2012-6493 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Nexpose
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-3098 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Tew 812Dru Firmware Tew 812Dru
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2013-5427 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Infosphere Master Data Management Collaboration Server Infosphere Master Data Management Server For Product Information Management
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-0686 MEDIUM This Month

Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and. Rated medium severity (CVSS 6.0). No vendor patch available.

Privilege Escalation Cisco Unified Communications Manager
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2012-0875 MEDIUM This Month

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Denial Of Service Systemtap
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2013-7182 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Fortinet XSS Fortios
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2013-7181 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Fortinet XSS Fortiweb
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2014-0834 MEDIUM This Month

IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM General Parallel File System
NVD
CVSS 2.0
4.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy