Skip to main content
CVE-2014-9707 HIGH POC THREAT Act Now

EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 60.6%.

Path Traversal Denial Of Service RCE Buffer Overflow Goahead
NVD GitHub
CVSS 2.0
7.5
EPSS
60.6%
Threat
4.8
CVE-2014-9706 HIGH POC PATCH GHSA This Week

The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Debian Linux Dulwich
NVD
CVSS 2.0
7.5
EPSS
2.8%
CVE-2014-9462 HIGH POC PATCH This Week

The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Opensuse Mercurial
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2015-0838 HIGH PATCH This Week

Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Debian Linux Dulwich
NVD
CVSS 2.0
7.5
EPSS
2.8%
CVE-2014-2027 HIGH PATCH This Week

eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE PHP Code Injection Egroupware
NVD
CVSS 2.0
7.5
EPSS
2.3%
CVE-2015-2109 HIGH This Week

Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Operations Orchestration
NVD
CVSS 2.0
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy