Skip to main content
CVE-2014-5456 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Social Stats
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2014-5457 LOW Monitor

QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Qnap Privilege Escalation Ts 469U Firmware Ts 469U Ts Ec1679U Rp Firmware +5
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-0974 LOW PATCH Monitor

The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other. Rated low severity (CVSS 1.9).

Qualcomm Privilege Escalation Google Little Kernel Bootloader
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy