Skip to main content
CVE-2014-7861 CRITICAL Act Now

The IOHIDSecurePromptClient function in Apple OS X does not properly validate pointer values, which allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple RCE Mac Os X
NVD
CVSS 2.0
9.3
EPSS
2.6%
CVE-2014-3396 HIGH This Week

Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Privilege Escalation Cisco Ios Xr Asr 9000 Rsp440 Router +6
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-2643 MEDIUM This Month

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Systems Insight Manager
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2014-3398 MEDIUM This Month

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Adaptive Security Appliance Software
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2014-2645 MEDIUM This Month

HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP Information Disclosure Systems Insight Manager
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2014-3400 MEDIUM This Month

Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Server
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy