Skip to main content
CVE-2014-5383 MEDIUM POC THREAT This Month

SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.9%.

SQLi Open Source Security Information Management
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
28.9%
CVE-2014-3577 MEDIUM POC PATCH This Month

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Apache Httpclient Httpasyncclient
NVD
CVSS 2.0
5.8
EPSS
1.4%
CVE-2014-5385 MEDIUM POC This Month

com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 and earlier does not restrict the number of authentication attempts, which makes it easier for remote attackers to guess. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java Authentication Bypass Shopizer
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-5384 MEDIUM This Month

The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Freebsd Netbsd
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-3951 MEDIUM This Month

The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Freebsd Netbsd
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-3562 MEDIUM This Month

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Information Disclosure 389 Directory Server Directory Server Enterprise Linux
NVD
CVSS 2.0
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy