Skip to main content
CVE-2013-1636 MEDIUM POC PATCH THREAT This Month

Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.3%.

XSS WordPress Prettylinks Com Jnews Civicrm
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
10.3%
CVE-2013-4649 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the __dnnVariable parameter to the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0317 MEDIUM This Month

The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. Epss exploitation probability 12.5% and no vendor patch available.

Authentication Bypass Microsoft Windows Server 2003 Windows Server 2008 Windows Server 2012 +2
NVD VulDB
CVSS 2.0
5.4
EPSS
12.5%
CVE-2014-0323 MEDIUM PATCH This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Microsoft Windows 7 Windows 8 +8
NVD VulDB
CVSS 2.0
6.6
EPSS
0.9%
CVE-2014-0503 MEDIUM This Month

Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft Flash Player
NVD VulDB
CVSS 2.0
6.4
EPSS
0.5%
CVE-2014-0504 MEDIUM This Month

Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player
NVD VulDB
CVSS 2.0
5.0
EPSS
1.3%
CVE-2013-7335 MEDIUM PATCH This Month

Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Open Redirect
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy