Skip to main content
CVE-2014-1990 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF E Studio 232 E Studio 233 E Studio 282 E Studio 283
NVD Exploit-DB VulDB
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-1984 MEDIUM PATCH This Month

Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Remote Service Manager
NVD VulDB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2013-6212 MEDIUM This Month

Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Database And Middleware Automation
NVD VulDB
CVSS 2.0
6.5
EPSS
0.2%
CVE-2014-1974 MEDIUM This Month

Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Andexplorer
NVD VulDB
CVSS 2.0
6.4
EPSS
0.3%
CVE-2014-2155 MEDIUM This Month

The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Cns Network Registrar
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-2733 MEDIUM This Month

Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Siemens Sinema Server
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-2732 MEDIUM This Month

Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Siemens Sinema Server
NVD VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-0778 MEDIUM This Month

TCPUploader module listens on Port 10651/TCP for incoming connections. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Movicon
NVD VulDB
CVSS 2.0
4.3
EPSS
1.5%
CVE-2013-6214 MEDIUM This Month

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Universal Configuration Management Database
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy