Skip to main content
CVE-2014-4643 MEDIUM POC THREAT This Month

Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

Denial Of Service RCE Buffer Overflow Core Ftp
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
21.2%
CVE-2014-4030 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF WordPress PHP Jw Player For Flash Html5 Video Plugin
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-4645 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in dhcpinfo.html in D-link DSL-2760U-E1 allows remote attackers to inject arbitrary web script or HTML via a hostname. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS D-Link Dsl 2760U E1
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.0%
CVE-2014-3299 MEDIUM This Month

Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2014-3882 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF WordPress Login Rebuilder
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2014-2005 MEDIUM This Month

Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Sophos Authentication Bypass Enterprise Console
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2014-4617 MEDIUM This Month

The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gnupg Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
8.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy