ASP.NET in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, when the customErrors configuration is disabled, allows remote attackers to obtain sensitive. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Epss exploitation probability 34.8% and no vendor patch available.
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.