Skip to main content
CVE-2014-8639 MEDIUM This Month

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Seamonkey Firefox Firefox Esr +1
NVD
CVSS 2.0
6.8
EPSS
1.8%
CVE-2014-8638 MEDIUM This Month

The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Mozilla Firefox Firefox Esr Thunderbird +1
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2015-0578 MEDIUM This Month

Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay is configured, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets on the local. Rated medium severity (CVSS 5.7). No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software
NVD
CVSS 2.0
5.7
EPSS
0.6%
CVE-2014-8640 MEDIUM This Month

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Race Condition Mozilla Denial Of Service Firefox Opensuse +1
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2015-0579 MEDIUM This Month

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Telepresence Video Communication Server
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2014-8637 MEDIUM This Month

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Seamonkey Firefox
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-3314 MEDIUM This Month

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Google Information Disclosure Anyconnect Secure Mobility Client
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0583 MEDIUM This Month

Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attackers to obtain sensitive information via vectors related to file: URIs, aka Bug ID CSCus18281. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meeting Center
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-8642 MEDIUM This Month

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Seamonkey Opensuse Firefox
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2015-0577 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Asyncos
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy