Skip to main content
CVE-2014-3500 MEDIUM This Month

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Apache Cordova
NVD
CVSS 2.0
6.4
EPSS
1.2%
CVE-2014-8566 MEDIUM PATCH This Month

The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Mod Auth Mellon Linux
NVD GitHub
CVSS 2.0
6.4
EPSS
0.9%
CVE-2014-7997 MEDIUM This Month

The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS
NVD
CVSS 2.0
6.1
EPSS
0.2%
CVE-2014-4975 MEDIUM This Month

Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ruby Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD VulDB
CVSS 2.0
5.0
EPSS
3.4%
CVE-2014-3501 MEDIUM This Month

Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Google Apache Cordova
NVD
CVSS 2.0
4.3
EPSS
1.7%
CVE-2014-5388 MEDIUM PATCH This Month

Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Buffer Overflow Qemu Ubuntu Linux
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-3502 MEDIUM This Month

Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Information Disclosure Apache Cordova
NVD
CVSS 2.0
4.3
EPSS
1.5%
CVE-2014-7248 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Ilogscanner
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3707 MEDIUM This Month

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Buffer Overflow Ubuntu Linux Mac Os X Opensuse +3
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy