Skip to main content
CVE-2014-9527 MEDIUM PATCH This Month

HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apache Fedora Poi
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2014-3628 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Apache Solr
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2014-3764 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-8131 MEDIUM This Month

The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Libvirt
NVD
CVSS 2.0
4.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy