Skip to main content
CVE-2014-5465 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 32.8%.

Path Traversal WordPress PHP Download Shortcode
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
32.8%
CVE-2014-1564 MEDIUM POC THREAT This Month

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 13.9%.

Memory Corruption Mozilla Information Disclosure Evergreen Opensuse +2
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
13.9%
CVE-2014-1563 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Mozilla Buffer Overflow +6
NVD
CVSS 2.0
10.0
EPSS
1.4%
CVE-2014-1562 CRITICAL Act Now

Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox +2
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2014-1554 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2014-1553 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Evergreen +3
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2014-1567 CRITICAL Act Now

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla RCE Firefox Firefox Esr Thunderbird
NVD
CVSS 2.0
9.3
EPSS
2.6%
CVE-2012-4226 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Quick Post Widget plugin 1.9.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Title, (2) Content, or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Quick Post Widget
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-1565 MEDIUM This Month

The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Firefox Thunderbird
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2014-1566 MEDIUM This Month

Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Privilege Escalation Google Firefox
NVD
CVSS 2.0
4.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy