Skip to main content
CVE-2012-5106 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

RCE Buffer Overflow Freefloat Ftp Server
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
24.1%
Threat
4.2
CVE-2014-0007 HIGH POC PATCH This Week

The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Foreman
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
6.4%
CVE-2014-3496 CRITICAL Act Now

cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Openshift Openshift Origin
NVD GitHub
CVSS 2.0
10.0
EPSS
5.4%
CVE-2012-2591 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 10.0 and 10.0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) From or (2) Date field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Emailarchitect Email Server
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
5.7%
CVE-2012-2580 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, and possibly before 1.5.15, for WordPress allows remote attackers to inject arbitrary web script or HTML via the From field of an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Postie
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.6%
CVE-2012-2579 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Wp Simplemail
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.6%
CVE-2012-0273 HIGH This Week

Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote attackers to execute arbitrary code via a (1) session_id cookie in a request to the get_cookie_value function in response.c, (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Minalic
NVD
CVSS 2.0
7.5
EPSS
4.3%
CVE-2014-4507 MEDIUM PATCH This Month

Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Foreman
NVD
CVSS 2.0
6.4
EPSS
0.8%
CVE-2014-4505 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Easy Breadcrumb
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-4506 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Custom Meta
NVD
CVSS 2.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy