Skip to main content
CVE-2014-2730 MEDIUM This Month

The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Office
NVD VulDB
CVSS 2.0
5.0
EPSS
9.3%
CVE-2014-2144 MEDIUM This Month

Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service Ios Xr
NVD VulDB
CVSS 2.0
6.1
EPSS
0.1%
CVE-2012-5566 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Kronolith H4 Groupware
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-5567 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Groupware Kronolith H4
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-0337 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Huawei Echo Life Hg8247 Firmware Echo Life
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-6640 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Groupware Imp
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5565 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Imp Groupware
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0827 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Workload Replay 1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Optim Workload Replay
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2145 MEDIUM This Month

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Unity Connection
NVD VulDB
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-2600 MEDIUM This Month

Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Apache Icewall Identity Manager Icewall Sso Password Reset Option
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy