Skip to main content
CVE-2014-8121 MEDIUM POC This Month

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Suse Linux Enterprise Desktop Suse Linux Enterprise Server Glibc Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
3.0%
CVE-2015-2770 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF V Series Appliances
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2769 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allow remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Triton Ap Email
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2759 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Data Loss Prevention Endpoint
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2758 MEDIUM This Month

The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Data Loss Prevention Endpoint
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-3619 MEDIUM This Month

The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Opensuse Glusterfs
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2015-2773 MEDIUM This Month

SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure V Series Appliances
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-2766 MEDIUM This Month

The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allows attackers to have unspecified impact via a brute force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Triton Ap Email
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-2771 MEDIUM This Month

The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Triton Ap Email V Series Appliances
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-2762 MEDIUM This Month

Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Triton Ap Web
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-2768 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Triton Ap Email V Series Appliances
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-2764 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Triton Ap Data
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-2761 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Triton Ap Web
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-2765 MEDIUM This Month

The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 allows remote attackers to conduct clickjacking attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Triton Ap Email
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-2757 MEDIUM This Month

The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Data Loss Prevention Endpoint
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2014-9712 MEDIUM This Month

Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure V Series Appliances
NVD
CVSS 2.0
4.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy