Skip to main content
CVE-2014-8135 LOW POC Monitor

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libvirt
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-6173 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Process Inspector in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Business Process Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-7267 LOW Monitor

Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Atlassian Wbs Gantt Chart
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-4801 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Quality Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-8136 LOW Monitor

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Mageia Libvirt Ubuntu Linux +5
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy