Skip to main content
CVE-2014-4880 HIGH POC THREAT Act Now

Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 78.6%.

Hikvision RCE Buffer Overflow Dvr Ds 7204 Firmware
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
78.6%
Threat
5.4
CVE-2014-9029 HIGH Act Now

Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 32.6% and no vendor patch available.

RCE Buffer Overflow Jasper
NVD
CVSS 2.0
7.5
EPSS
32.6%
CVE-2014-9280 HIGH POC PATCH This Week

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE PHP Code Injection Mantisbt
NVD GitHub
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-9348 HIGH POC This Week

SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Robotstats
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2014-9345 HIGH POC This Week

SQL injection vulnerability in Guruperl.net Advertise With Pleasure!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Advertise With Pleasure
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2014-1693 HIGH POC This Week

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Erlang Otp
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-9347 HIGH POC This Week

SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Phpmyrecipes
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy