Skip to main content
CVE-2014-2497 MEDIUM POC PATCH THREAT This Month

The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.1%.

Denial Of Service PHP Null Pointer Dereference Ubuntu Linux Linux Enterprise Server +9
NVD VulDB
CVSS 2.0
4.3
EPSS
12.1%
CVE-2014-0829 MEDIUM PATCH This Month

Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.13, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.3 allow remote authenticated users to obtain privileged access via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Buffer Overflow Rational Clearcase
NVD VulDB
CVSS 2.0
6.5
EPSS
0.5%
CVE-2013-5401 MEDIUM This Month

The command-port listener in IBM WebSphere MQ Internet Pass-Thru (MQIPT) 2.x before 2.1.0.1 allows remote attackers to cause a denial of service (remote-administration outage) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Websphere Mq Internet Pass Thru
NVD VulDB
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-2276 MEDIUM This Month

The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Connectrix Manager
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-6401 MEDIUM This Month

Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Jansson
NVD GitHub VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-0708 MEDIUM This Month

WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meeting Center
NVD VulDB
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-7340 MEDIUM This Month

VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Vlc Media Player
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2567 MEDIUM This Month

The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Trojita
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy