Skip to main content
CVE-2014-4943 MEDIUM POC PATCH This Month

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Linux Linux Kernel Opensuse Linux Enterprise Desktop +3
NVD Exploit-DB GitHub
CVSS 2.0
6.9
EPSS
1.0%
CVE-2014-4331 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in admin/viewer.php in OctavoCMS allows remote attackers to inject arbitrary web script or HTML via the src parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Octavocms
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3043 MEDIUM This Month

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows remote authenticated users to gain privileges by leveraging access to the service account. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Privilege Escalation Storwize Unified V7000 Software Storwize Unified V7000
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2014-2365 MEDIUM This Month

Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Advantech Webaccess
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2014-3064 MEDIUM This Month

The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Infosphere Master Data Management Collaboration Server Infosphere Master Data Management Server For Product Information Management
NVD
CVSS 2.0
6.3
EPSS
0.2%
CVE-2014-2519 MEDIUM This Month

The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Information Disclosure Recoverpoint Appliance
NVD
CVSS 2.0
5.8
EPSS
0.4%
CVE-2012-2682 MEDIUM This Month

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Enterprise Mrg
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-7391 MEDIUM PATCH This Month

The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using the (a) Views field or (b) area plugins, allows remote attackers to read restricted entities via the (1) field, (2) header, or (3). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Entity Api
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-3325 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Unified Customer Voice Portal
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-4273 MEDIUM PATCH This Month

The Entity API module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to node comments, which allows remote authenticated users to read the comments via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Entity Api
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy