SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.