Skip to main content
CVE-2014-0002 HIGH POC PATCH THREAT Act Now

The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.7%.

XXE Privilege Escalation Apache Camel
NVD VulDB
CVSS 2.0
7.5
EPSS
28.7%
CVE-2014-0003 HIGH POC PATCH THREAT Act Now

The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%.

Privilege Escalation Java Apache Camel
NVD VulDB
CVSS 2.0
7.5
EPSS
23.0%
CVE-2014-2119 HIGH This Week

The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation RCE Ironport Asyncos Content Security Management Appliance +1
NVD VulDB
CVSS 2.0
8.5
EPSS
1.4%
CVE-2014-2124 HIGH This Week

Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Apple Cisco Denial Of Service iOS Catalyst 6500
NVD VulDB
CVSS 2.0
7.1
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy