Skip to main content
CVE-2013-6825 HIGH POC This Week

(1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/scp.cc, (4) dcmwlm/libsrc/wlmactmg.cc, (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/apps/, (7) dcmpstat/tests/msgserv.cc, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Dcmtk
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-3216 MEDIUM POC This Month

GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Gom Media Player
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
7.0%
CVE-2014-3289 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and earlier, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Cisco Ironport Asyncos Web Security Appliance Content Security Management Appliance +1
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2014-4017 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Conversion Ninja plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to lp/index.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Conversion Ninja
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-3292 MEDIUM This Month

The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL,. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
CVSS 2.0
5.5
EPSS
0.7%
CVE-2014-3465 MEDIUM This Month

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gnutls
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2014-3880 MEDIUM This Month

The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Freebsd
NVD
CVSS 2.0
4.9
EPSS
0.0%
CVE-2014-3042 MEDIUM This Month

IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service (storage overlay). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Cics Transaction Server
NVD
CVSS 2.0
4.0
EPSS
0.8%
CVE-2014-0220 MEDIUM This Month

Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cloudera Manager
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-3294 MEDIUM This Month

Cisco WebEx Meeting Server does not properly restrict the content of URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Webex Meetings Server
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-3287 MEDIUM This Month

SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Java Unified Communications Manager
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-3873 LOW PATCH Monitor

The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Information Disclosure Freebsd
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy