Skip to main content
CVE-2014-3488 MEDIUM POC PATCH This Month

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Netty
NVD GitHub
CVSS 2.0
5.0
EPSS
0.9%
CVE-2012-6651 MEDIUM POC PATCH This Month

Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal WordPress PHP Vitamin
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-3554 MEDIUM PATCH This Month

Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service RCE Buffer Overflow Libndp
NVD
CVSS 2.0
6.8
EPSS
0.6%
CVE-2014-5176 MEDIUM This Month

SAP FI Manager Self-Service has a hard-coded user name, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure SAP Fi Manager Self Service
NVD
CVSS 2.0
6.0
EPSS
1.6%
CVE-2014-5173 MEDIUM This Month

SAP HANA Extend Application Services (XS) allows remote attackers to bypass access restrictions via a request to a private IU5 SDK application that was once public. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Hana Extended Application Services
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-5172 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the XS Administration Tools in SAP HANA allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS SAP Hana
NVD
CVSS 2.0
4.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy