Skip to main content
CVE-2014-0683 CRITICAL POC PATCH THREAT Act Now

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 29.4%.

Cisco Authentication Bypass Rv110W Firmware Rv110W Rv215W Firmware +3
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
29.4%
Threat
4.4
CVE-2013-3706 MEDIUM PATCH This Month

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 50.5%.

Path Traversal Zenworks Configuration Management
NVD VulDB
CVSS 2.0
5.0
EPSS
50.5%
CVE-2013-6719 MEDIUM POC THREAT This Month

delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.

IBM Command Injection PHP Tealeaf Cx
NVD Exploit-DB VulDB
CVSS 2.0
6.0
EPSS
10.6%
CVE-2014-1907 MEDIUM POC This Month

Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP Live Streaming Integration Plugin Videowhisper Live Streaming Integration
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
8.0%
CVE-2012-6619 MEDIUM POC This Month

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service MongoDB
NVD VulDB
CVSS 2.0
6.4
EPSS
1.3%
CVE-2013-6720 MEDIUM POC This Month

Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP IBM Tealeaf Cx
NVD Exploit-DB VulDB
CVSS 2.0
5.5
EPSS
4.1%
CVE-2014-0703 CRITICAL Act Now

Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Race Condition Apple Cisco Wireless Lan Controller Software +1
NVD VulDB
CVSS 2.0
10.0
EPSS
0.9%
CVE-2014-0629 HIGH This Week

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Documentum Taskspace
NVD VulDB
CVSS 2.0
8.5
EPSS
0.5%
CVE-2013-6201 HIGH This Week

Unspecified vulnerability in HP Security Management System 3.3.0, 3.5.0 before patch 1, and 3.6.0 before patch 2 allows remote attackers to execute arbitrary code via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Security Management System
NVD VulDB
CVSS 2.0
7.5
EPSS
5.5%
CVE-2014-1906 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Live Streaming Integration Plugin Videowhisper Live Streaming Integration
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.2%
CVE-2014-0707 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-0706 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-1911 HIGH This Week

The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fi8919W Firmware Fi8919W
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-0701 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software
NVD VulDB
CVSS 2.0
7.8
EPSS
0.4%
CVE-2014-0705 HIGH This Week

The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.1
EPSS
0.4%
CVE-2014-0704 HIGH This Week

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Wireless Lan Controller Software Wireless Lan Controller
NVD VulDB
CVSS 2.0
7.1
EPSS
0.4%
CVE-2014-0336 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Dimensions Cm
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-0335 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dimensions Cm
NVD VulDB
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-6315 MEDIUM This Month

IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 do not properly restrict use of FRAME elements, which makes it easier for remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Enterprise Records Infosphere Enterprise Records
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-6304 MEDIUM PATCH This Month

Multiple directory traversal vulnerabilities in Algo Risk Application (ARA) 2.4.0.1 through 4.9.1 in IBM Algo One allow remote authenticated users to bypass intended access restrictions via a crafted. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Algo One Algo Risk Application
NVD VulDB
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-6437 MEDIUM PATCH This Month

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Nova
NVD VulDB
CVSS 2.0
4.0
EPSS
0.4%
CVE-2014-0630 MEDIUM This Month

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Documentum Taskspace
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-6314 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Enterprise Records Infosphere Enterprise Records
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-0624 LOW Monitor

EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions. Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Rsa Data Loss Prevention
NVD VulDB
CVSS 2.0
2.7
EPSS
0.1%
CVE-2014-0890 LOW Monitor

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords. Rated low severity (CVSS 1.9). No vendor patch available.

IBM Authentication Bypass Sametime
NVD VulDB
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy