Skip to main content
CVE-2012-6429 CRITICAL POC THREAT Emergency

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 49.9%.

RCE Samsung Buffer Overflow Kies
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
49.9%
Threat
5.0
CVE-2013-2287 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) notify or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Uploader
NVD Exploit-DB VulDB
CVSS 2.0
4.3
EPSS
9.2%
CVE-2014-2210 HIGH PATCH Act Now

Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9%.

Path Traversal RCE Denial Of Service Erwin Web Portal
NVD VulDB
CVSS 2.0
7.5
EPSS
11.9%
CVE-2013-3930 CRITICAL PATCH Act Now

Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

RCE Buffer Overflow Core Ftp
NVD VulDB
CVSS 2.0
9.3
EPSS
2.0%
CVE-2012-5648 HIGH This Week

Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Foreman
NVD GitHub VulDB
CVSS 2.0
7.5
EPSS
0.7%
CVE-2014-0592 HIGH PATCH This Week

Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Barclamp Suse Cloud
NVD GitHub VulDB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-2115 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Emergency Responder
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4920 MEDIUM PATCH This Month

Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal WordPress PHP Forums
NVD VulDB
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-0789 MEDIUM This Month

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Schneider Electric Buffer Overflow Opc Factory Server Tlxcdlfofs +4
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-2143 MEDIUM This Month

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS Ios Xe
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-2117 MEDIUM This Month

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Open Redirect Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2116 MEDIUM This Month

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Code Injection Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2114 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0638 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rsa Adaptive Authentication On Premise
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0637 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Rsa Adaptive Authentication On Premise
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy