Skip to main content
CVE-2014-9708 MEDIUM POC PATCH This Month

Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range:. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Enterprise Communications Broker Appweb Junos
NVD GitHub
CVSS 2.0
5.0
EPSS
4.5%
CVE-2015-2754 MEDIUM This Month

FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF.". Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Freexl Debian Linux
NVD
CVSS 2.0
6.8
EPSS
2.1%
CVE-2015-2753 MEDIUM This Month

FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Debian Linux Freexl
NVD
CVSS 2.0
6.8
EPSS
1.9%
CVE-2014-9209 MEDIUM This Month

Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local. Rated medium severity (CVSS 6.9). No vendor patch available.

Rockwell Information Disclosure Factorytalk Services Platform Factorytalk View Studio
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-0985 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF 442Sr Os 442Sr
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2106 MEDIUM This Month

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Integrated Lights Out 2 Firmware Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
6.4
EPSS
0.6%
CVE-2015-2776 MEDIUM This Month

The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Debian Linux Freexl
NVD
CVSS 2.0
4.3
EPSS
2.0%
CVE-2015-0901 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the duwasai flashy theme 1.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress Flashy
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0900 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher's Schedule Board 1.10 through 2.21 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fumy Teachers Schedule Board
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-2684 MEDIUM This Month

Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Service Provider Debian Linux
NVD
CVSS 2.0
4.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy