Skip to main content
CVE-2013-1604 MEDIUM POC THREAT This Month

Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.8%.

Path Traversal Ip Camera Firmware
NVD Exploit-DB VulDB
CVSS 2.0
5.0
EPSS
12.8%
CVE-2014-2526 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sForumName or (2) sDescription parameter to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Barracudadrive
NVD VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2014-2016 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in OXID eShop Professional and Community Edition 4.6.8 and earlier, 4.7.x before 4.7.11, and 4.8.x before 4.8.4, and Enterprise Edition 4.6.8 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Eshop
NVD Exploit-DB VulDB
CVSS 2.0
4.3
EPSS
1.0%
CVE-2014-1492 MEDIUM POC This Month

The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Network Security Services
NVD VulDB
CVSS 2.0
4.3
EPSS
0.8%
CVE-2014-0885 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Lotus Protector For Mail Security
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-5443 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Cognos Express
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-2386 MEDIUM This Month

Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service (crash) via unspecified vectors to the (1) display_nav_table, (2). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Icinga Opensuse
NVD VulDB
CVSS 2.0
5.0
EPSS
0.8%
CVE-2014-0628 MEDIUM This Month

The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service (daemon crash) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bsafe Micro Edition Suite
NVD VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-5444 MEDIUM This Month

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Express
NVD VulDB
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-5445 MEDIUM This Month

IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Cognos Express
NVD VulDB
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-0343 MEDIUM This Month

The web interface on Virtual Access GW6110A routers with software 9.00 before 9.09.27, 9.50 before 9.50.21, and 10.00 before 10.00.21 allows remote authenticated users to gain privileges via a. Rated medium severity (CVSS 4.9). No vendor patch available.

Information Disclosure Gw6110A Firmware Gw6110A
NVD VulDB
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-2538 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rack Ssl
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy