Skip to main content
CVE-2014-1912 HIGH POC PATCH THREAT Act Now

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.9%.

Python Buffer Overflow RCE Mac Os X
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
23.9%
CVE-2013-2498 HIGH POC This Week

SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and earlier allows remote attackers to execute arbitrary SQL commands via the username. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simplehrm
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-2262 CRITICAL Act Now

Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Base Sas
NVD
CVSS 2.0
9.3
EPSS
8.3%
CVE-2014-1695 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Otrs
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.6%
CVE-2014-2080 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Modx Revolution
NVD GitHub
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2263 MEDIUM This Month

The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Ffmpeg
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2014-2059 MEDIUM PATCH This Month

Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Jenkins
NVD GitHub
CVSS 2.0
6.5
EPSS
2.0%
CVE-2014-1888 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

WordPress XSS Buddypress
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-1456 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in Open Web Analytics (OWA) before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owa_user_id parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Open Web Analytics
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2067 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Java Jenkins XSS
NVD GitHub
CVSS 2.0
3.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy