Skip to main content
CVE-2015-1467 HIGH POC This Week

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Fork Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2015-1442 HIGH POC This Week

SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Zerocms
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2015-1514 HIGH POC This Week

Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Famoc
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-9632 HIGH POC This Week

The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Protection Internet Security
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.8%
CVE-2014-9642 HIGH POC This Week

bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Bdagent Sys Internet Security Online Backup Premium Protection
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.1%
CVE-2014-9643 HIGH POC This Week

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation K7Sentry Sys Anti Virus Plus Total Security Ultimate Security
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.7%
CVE-2014-9641 HIGH POC This Week

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Privilege Escalation Tmeext Sys
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.5%
CVE-2015-1209 HIGH This Week

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Google Microsoft +8
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2015-1212 HIGH This Week

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-1211 HIGH This Week

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-1513 HIGH This Week

SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Siphone Enterprise Pbx
NVD
CVSS 2.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy