Skip to main content
CVE-2014-9636 MEDIUM PATCH This Month

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 58.4%.

Denial Of Service Buffer Overflow Unzip Ubuntu Linux Debian Linux +1
NVD
CVSS 2.0
5.0
EPSS
58.4%
CVE-2015-1305 MEDIUM POC This Month

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Privilege Escalation Data Loss Prevention Endpoint
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.5%
CVE-2014-5332 MEDIUM POC This Month

Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Nvidia Google Linux +2
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-1512 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC before 3.17.4 allow remote attackers to inject arbitrary web script or HTML via the (1) LoginForm[username] to ui/system/login or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Famoc
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1210 MEDIUM This Month

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Google Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-1444 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web administration frontend in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allow remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fli4L
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-9354 MEDIUM This Month

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oncommand Balance
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy