Skip to main content
CVE-2014-3618 HIGH POC This Week

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow Procmail Ubuntu Linux
NVD
CVSS 2.0
7.5
EPSS
9.8%
CVE-2014-5464 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 23.2%.

XSS Ntopng
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
23.2%
CVE-2014-5369 MEDIUM POC PATCH This Month

Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Enigmail
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-0152 MEDIUM PATCH This Month

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Information Disclosure Ovirt Ovirt Engine
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-0153 MEDIUM PATCH This Month

The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obtain sensitive information via a crafted web page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Ovirt
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy