Skip to main content
CVE-2014-1303 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 44.8%.

Apple Buffer Overflow RCE Safari
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
44.8%
Threat
4.8
CVE-2014-1300 CRITICAL Act Now

Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Google RCE Safari
NVD VulDB
CVSS 2.0
10.0
EPSS
8.5%
CVE-2014-1828 MEDIUM POC This Month

The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote attackers to cause a denial of service (disk consumption) by uploading a large file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Apple Denial Of Service Ithoughtshd
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-0904 HIGH This Week

The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM RCE Security Appscan
NVD VulDB
CVSS 2.0
7.6
EPSS
3.8%
CVE-2014-1827 MEDIUM POC This Month

The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Apple Information Disclosure Ithoughtshd
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-1826 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Apple Ithoughtshd
NVD VulDB
CVSS 2.0
2.6
EPSS
0.2%
CVE-2014-0055 MEDIUM This Month

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Red Hat Linux Enterprise Linux
NVD VulDB
CVSS 2.0
5.5
EPSS
0.3%
CVE-2013-3997 MEDIUM This Month

Open redirect vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to redirect users to arbitrary web. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

IBM Open Redirect Infosphere Biginsights
NVD VulDB
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-0848 LOW Monitor

The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Apache Netezza Performance Portal
NVD VulDB
CVSS 2.0
3.5
EPSS
0.3%
CVE-2013-3998 LOW Monitor

CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to inject arbitrary HTTP headers and. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM RCE Code Injection Infosphere Biginsights
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3976 LOW Monitor

The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 before. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM Privilege Escalation Microsoft Data Protection Flashcopy Manager +2
NVD VulDB
CVSS 2.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy