Skip to main content
CVE-2014-7866 HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.8%.

Path Traversal Zoho Manageengine Social It Plus Manageengine It360 Manageengine Opmanager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.8%
Threat
5.5
CVE-2014-9163 HIGH KEV THREAT Act Now

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Stack Overflow RCE Adobe Microsoft
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
3.6%
CVE-2014-7879 HIGH PATCH This Week

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

HP RCE Authentication Bypass Hp Ux
NVD
CVSS 2.0
8.5
EPSS
0.4%
CVE-2014-8298 HIGH This Week

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Nvidia Google Denial Of Service Gpu Driver +1
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2014-4466 HIGH PATCH This Week

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple RCE Buffer Overflow Iphone Os +3
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-8003 HIGH This Week

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Computing System
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-2608 HIGH This Week

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Microsoft Smart Update Manager
NVD
CVSS 2.0
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy