Skip to main content
CVE-2013-5951 LOW POC Monitor

Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1). Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Extplorer
NVD VulDB
CVSS 2.0
2.6
EPSS
0.3%
CVE-2014-0884 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Protector For Mail Security
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-2573 LOW PATCH Monitor

The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a. Rated low severity (CVSS 2.3).

Denial Of Service Privilege Escalation VMware Compute
NVD VulDB
CVSS 2.0
2.3
EPSS
0.1%
CVE-2014-0076 LOW Monitor

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure OpenSSL
NVD VulDB
CVSS 2.0
1.9
EPSS
0.4%
CVE-2014-1515 LOW Monitor

Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via. Rated low severity (CVSS 1.9). No vendor patch available.

Mozilla Google Information Disclosure Firefox
NVD VulDB
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy