Skip to main content
CVE-2015-1000 MEDIUM This Month

Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Softcms
NVD
CVSS 2.0
6.8
EPSS
3.6%
CVE-2015-2124 HIGH PATCH This Week

Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

HP Authentication Bypass Smart Zero Core Thinpro Linux
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-0541 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Web Threat Detection
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-3950 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF 442Sr Os
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2950 MEDIUM PATCH This Month

Directory traversal vulnerability in the Brandon Bowles Open Explorer application before 0.254 Beta for Android allows remote attackers to write to arbitrary files via a crafted filename. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Google Open Explorer Beta
NVD
CVSS 2.0
6.4
EPSS
0.6%
CVE-2014-9201 MEDIUM This Month

Beckwith Electric M-6200 Digital Voltage Regulator Control with firmware before D-0198V04.07.00, M-6200A Digital Voltage Regulator Control with firmware before D-0228V02.01.07, M-2001D Digital. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure M 2001D Digital Tapchanger Control M 6200 Digital Voltage Regulator Control M 6200A Digital Voltage Regulator Control M 6280 Digital Capacitor Bank Control +8
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2015-2951 MEDIUM This Month

JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signature verification via crafted tokens. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Jwt
NVD GitHub
CVSS 2.0
5.0
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy