Skip to main content
CVE-2014-5504 HIGH Act Now

SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.4% and no vendor patch available.

RCE Authentication Bypass Log And Event Manager
NVD
CVSS 2.0
7.5
EPSS
25.4%
CVE-2014-3094 HIGH PATCH Act Now

Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Epss exploitation probability 10.4%.

IBM RCE Buffer Overflow Microsoft Db2
NVD
CVSS 2.0
8.5
EPSS
10.4%
CVE-2014-2685 HIGH This Week

The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zend Framework Zendopenid
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-5285 HIGH This Week

Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Spotfire Server
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-3353 HIGH This Week

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Apple Cisco Denial Of Service Ios Xr
NVD
CVSS 2.0
7.1
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy