Skip to main content
CVE-2014-2533 HIGH POC THREAT Act Now

/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 26.2%.

Privilege Escalation Qnx Neutrino Rtos
NVD Exploit-DB VulDB
CVSS 2.0
7.2
EPSS
26.2%
CVE-2014-1608 HIGH POC PATCH This Week

SQL injection vulnerability in the mci_file_get function in api/soap/mc_file_api.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Mantisbt Debian Linux
NVD GitHub VulDB
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-2537 HIGH PATCH This Week

Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Sophos Denial Of Service Unified Threat Management Software Unified Threat Management
NVD VulDB
CVSS 2.0
7.8
EPSS
1.7%
CVE-2014-0057 HIGH This Week

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Red Hat Cloudforms Cloudforms 3 0 Management Engine
NVD VulDB
CVSS 2.0
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy