Skip to main content
CVE-2014-0338 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Watchguard Fireware
NVD VulDB
CVSS 2.0
4.3
EPSS
3.3%
CVE-2014-0339 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in view.cgi in Webmin before 1.680 allows remote attackers to inject arbitrary web script or HTML via the search parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Webmin
NVD VulDB
CVSS 2.0
4.3
EPSS
1.9%
CVE-2013-4057 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Infosphere Information Server
NVD VulDB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2014-0873 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Infosphere Master Data Management Server
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-4058 MEDIUM This Month

Multiple SQL injection vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM SQLi Infosphere Information Server
NVD VulDB
CVSS 2.0
6.5
EPSS
0.5%
CVE-2014-2253 MEDIUM PATCH This Month

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Denial Of Service Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
6.1
EPSS
0.2%
CVE-2014-2247 MEDIUM PATCH This Month

The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Code Injection Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
5.8
EPSS
0.7%
CVE-2014-2249 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 and SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allows remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

CSRF Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
5.8
EPSS
0.2%
CVE-2014-2248 MEDIUM PATCH This Month

Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to redirect users to arbitrary web sites and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Open Redirect Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
4.3
EPSS
0.7%
CVE-2014-2246 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-4059 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Infosphere Information Server
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-1701 MEDIUM This Month

The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Google Chrome
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy