Skip to main content
CVE-2014-0782 HIGH POC THREAT Act Now

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.8%.

RCE Stack Overflow Buffer Overflow B M9000Cs Software B M9000Cs +13
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
39.8%
Threat
4.4
CVE-2014-1649 HIGH POC THREAT Act Now

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. Rated high severity (CVSS 7.9). Public exploit code available and EPSS exploitation probability 40.2%.

Privilege Escalation Workspace Streaming
NVD Exploit-DB
CVSS 2.0
7.9
EPSS
40.2%
Threat
4.3
CVE-2014-1613 HIGH POC PATCH This Week

Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE PHP Code Injection Dotclear
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-0643 HIGH This Week

EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Rsa Netwitness Rsa Security Analytics
NVD
CVSS 2.0
7.6
EPSS
0.9%
CVE-2014-3759 HIGH This Week

Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Si Bibtex
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-0964 HIGH This Week

IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM Denial Of Service Websphere Application Server
NVD
CVSS 2.0
7.1
EPSS
1.2%
CVE-2014-0918 HIGH This Week

Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal IBM Websphere Portal
NVD
CVSS 2.0
7.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy