Skip to main content
CVE-2013-7196 MEDIUM POC This Month

static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Phpfox
NVD Exploit-DB VulDB
CVSS 2.0
5.5
EPSS
2.7%
CVE-2013-4279 MEDIUM POC This Month

imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imapsync
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2012-0871 MEDIUM This Month

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Systemd Opensuse
NVD VulDB
CVSS 2.0
6.3
EPSS
0.1%
CVE-2014-2288 MEDIUM PATCH This Month

The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Asterisk
NVD VulDB
CVSS 2.0
4.3
EPSS
7.5%
CVE-2013-7195 MEDIUM This Month

PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Phpfox
NVD VulDB
CVSS 2.0
5.5
EPSS
0.2%
CVE-2014-0150 MEDIUM PATCH This Month

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request,. Rated medium severity (CVSS 4.9).

RCE Buffer Overflow Qemu Enterprise Linux
NVD VulDB
CVSS 2.0
4.9
EPSS
0.6%
CVE-2014-2597 MEDIUM This Month

PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Rac Server
NVD VulDB
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-2856 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cups
NVD VulDB
CVSS 2.0
4.3
EPSS
1.0%
CVE-2014-2014 MEDIUM PATCH This Month

imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Authentication Bypass Imapsync
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2522 MEDIUM PATCH This Month

curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Curl Libcurl
NVD VulDB
CVSS 2.0
4.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy