Skip to main content
CVE-2014-0910 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, and 7.0.0 through 7.0.0.2 CF28 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

IBM XSS Websphere Portal
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.4%
CVE-2014-3013 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Curam Social Program Management
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-3012 LOW Monitor

Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Code Injection Curam Social Program Management
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-4021 LOW PATCH Monitor

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Xen
NVD
CVSS 2.0
2.7
EPSS
0.2%
CVE-2014-2000 LOW Monitor

The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Google Information Disclosure 050 Plus
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2014-1652 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 2.3). No vendor patch available.

XSS Web Gateway
NVD
CVSS 2.0
2.3
EPSS
0.5%
CVE-2014-4303 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Touch
NVD
CVSS 2.0
2.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy