Skip to main content
CVE-2014-3138 MEDIUM POC This Month

SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Docushare
NVD Exploit-DB VulDB
CVSS 2.0
6.5
EPSS
3.5%
CVE-2014-1441 MEDIUM POC This Month

Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL command with malformed data, as demonstrated by pressing the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Core Ftp
NVD VulDB
CVSS 2.0
4.3
EPSS
1.1%
CVE-2014-1443 MEDIUM POC This Month

Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Core Ftp
NVD VulDB
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-1442 MEDIUM POC This Month

Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Core Ftp
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-3006 MEDIUM This Month

Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Information Enterprise Server
NVD VulDB
CVSS 2.0
6.8
EPSS
0.5%
CVE-2014-2905 MEDIUM This Month

fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Fish
NVD GitHub VulDB
CVSS 2.0
6.9
EPSS
0.0%
CVE-2014-2172 MEDIUM This Month

Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for. Rated medium severity (CVSS 6.6). No vendor patch available.

Cisco Buffer Overflow Telepresence Tc Software Telepresence Te Software
NVD VulDB
CVSS 2.0
6.6
EPSS
0.1%
CVE-2014-3125 MEDIUM PATCH This Month

Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash). Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Xen
NVD VulDB
CVSS 2.0
6.2
EPSS
0.3%
CVE-2014-1989 MEDIUM This Month

Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Garoon
NVD VulDB
CVSS 2.0
6.0
EPSS
0.2%
CVE-2014-3001 MEDIUM This Month

The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Freebsd
NVD VulDB
CVSS 2.0
5.8
EPSS
0.3%
CVE-2013-7061 MEDIUM PATCH This Month

Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Plone
NVD VulDB
CVSS 2.0
5.5
EPSS
0.3%
CVE-2013-7060 MEDIUM PATCH This Month

Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Plone
NVD VulDB
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-1899 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Access Gateway Firmware Netscaler Access Gateway
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-7110 MEDIUM PATCH This Month

Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Transifex
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-2073 MEDIUM PATCH This Month

Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Transifex
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy