Skip to main content
CVE-2013-4290 CRITICAL POC Act Now

Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Openjpeg
NVD VulDB
CVSS 2.0
10.0
EPSS
1.4%
CVE-2014-2286 HIGH PATCH Act Now

main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8%.

RCE Denial Of Service Asterisk Fedora Certified Asterisk
NVD VulDB
CVSS 2.0
7.5
EPSS
14.8%
CVE-2013-4289 CRITICAL Act Now

Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Openjpeg
NVD VulDB
CVSS 2.0
10.0
EPSS
1.9%
CVE-2013-7196 MEDIUM POC This Month

static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Phpfox
NVD Exploit-DB VulDB
CVSS 2.0
5.5
EPSS
2.7%
CVE-2013-4279 MEDIUM POC This Month

imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imapsync
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-7369 HIGH This Week

SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix SQLi Microsoft Anti Virus Email And Server Security +1
NVD VulDB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-2844 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Secure Messaging Secure Gateway
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-0871 MEDIUM This Month

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Systemd Opensuse
NVD VulDB
CVSS 2.0
6.3
EPSS
0.1%
CVE-2014-2288 MEDIUM PATCH This Month

The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Asterisk
NVD VulDB
CVSS 2.0
4.3
EPSS
7.5%
CVE-2013-7195 MEDIUM This Month

PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Phpfox
NVD VulDB
CVSS 2.0
5.5
EPSS
0.2%
CVE-2014-0150 MEDIUM PATCH This Month

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request,. Rated medium severity (CVSS 4.9).

RCE Buffer Overflow Qemu Enterprise Linux
NVD VulDB
CVSS 2.0
4.9
EPSS
0.6%
CVE-2014-2597 MEDIUM This Month

PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Rac Server
NVD VulDB
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-2287 LOW PATCH Monitor

channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Denial Of Service Certified Asterisk Asterisk Fedora
NVD VulDB
CVSS 2.0
3.5
EPSS
5.2%
CVE-2014-2856 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cups
NVD VulDB
CVSS 2.0
4.3
EPSS
1.0%
CVE-2014-2014 MEDIUM PATCH This Month

imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Authentication Bypass Imapsync
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2289 LOW PATCH Monitor

res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Denial Of Service Asterisk
NVD VulDB
CVSS 2.0
3.5
EPSS
3.7%
CVE-2014-2522 MEDIUM PATCH This Month

curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Curl Libcurl
NVD VulDB
CVSS 2.0
4.0
EPSS
0.3%
CVE-2012-6646 LOW Monitor

F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Anti Virus Psb Workstation Security Safe Anywhere
NVD VulDB
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy