Skip to main content
CVE-2014-0476 LOW POC THREAT Monitor

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. Rated low severity (CVSS 3.7). Public exploit code available and EPSS exploitation probability 11.4%.

RCE Chkrootkit Ubuntu Linux
NVD Exploit-DB
CVSS 2.0
3.7
EPSS
11.4%
CVE-2014-2021 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Vbulletin
NVD GitHub Exploit-DB
CVSS 2.0
3.5
EPSS
0.9%
CVE-2014-6151 LOW Monitor

CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Code Injection Tivoli Integrated Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-6152 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Integrated Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-4620 LOW Monitor

The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files,. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Meditech Networker
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-3636 LOW PATCH Monitor

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of. Rated low severity (CVSS 1.9).

Denial Of Service D Bus Dbus Opensuse
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy