Skip to main content
CVE-2014-2988 HIGH POC This Week

EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE PHP Code Injection Egroupware
NVD
CVSS 2.0
8.5
EPSS
0.8%
CVE-2014-3954 CRITICAL PATCH Act Now

Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow Freebsd
NVD
CVSS 2.0
10.0
EPSS
8.9%
CVE-2012-5580 HIGH POC This Week

Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Code Injection Libproxy
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2012-1111 MEDIUM POC This Month

lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightdm
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-4586 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the wp-football plugin 1.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the league parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Wp Football
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-3711 MEDIUM PATCH This Month

namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Freebsd
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2014-3955 MEDIUM PATCH This Month

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Freebsd
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-0136 MEDIUM This Month

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Information Disclosure Cloudforms 3 0 Management Engine
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-8327 MEDIUM PATCH This Month

The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Fal Sftp
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy