Skip to main content
CVE-2014-7981 HIGH POC THREAT Act Now

SQL injection vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

SQLi Joomla
NVD
CVSS 2.0
7.5
EPSS
14.3%
CVE-2014-6394 HIGH POC PATCH This Week

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Node.js Fedora Xcode Node Js
NVD GitHub
CVSS 2.0
7.5
EPSS
4.8%
CVE-2014-3200 HIGH This Week

Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome Enterprise Linux Desktop Supplementary Enterprise Linux Server Supplementary +2
NVD
CVSS 2.0
7.5
EPSS
2.0%
CVE-2014-3192 HIGH This Week

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Enterprise Linux Desktop Supplementary +8
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2014-3193 HIGH This Week

The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Enterprise Linux Desktop Supplementary +4
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-3191 HIGH This Week

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +4
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-3190 HIGH This Week

Use-after-free vulnerability in the Event::currentTarget function in core/events/Event.cpp in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Chrome +4
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-3189 HIGH This Week

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Google Chrome +4
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2014-3194 HIGH This Week

Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Google Denial Of Service Use After Free Enterprise Linux Desktop Supplementary +4
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-3196 HIGH This Week

base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 on Windows does not properly implement read-only restrictions on shared memory, which allows attackers to bypass a sandbox. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Google Microsoft Chrome
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2014-7984 HIGH This Week

Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Joomla
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2014-7299 HIGH This Week

Unspecified vulnerability in administrative interfaces in ArubaOS 6.3.1.11, 6.3.1.11-FIPS, 6.4.2.1, and 6.4.2.1-FIPS on Aruba controllers allows remote attackers to bypass authentication, and obtain. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Arubaos
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2014-7967 HIGH This Week

Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome V8
NVD
CVSS 2.0
7.5
EPSS
0.1%
CVE-2014-6632 HIGH This Week

Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Joomla
NVD
CVSS 2.0
7.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy