Skip to main content
CVE-2013-7443 MEDIUM POC This Month

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Sqlite
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2015-1331 MEDIUM POC This Month

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lxc
NVD GitHub
CVSS 2.0
4.9
EPSS
0.0%
CVE-2015-3184 MEDIUM This Month

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Information Disclosure Apache Xcode Subversion
NVD
CVSS 2.0
5.0
EPSS
17.0%
CVE-2015-5718 MEDIUM POC This Month

Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Content Gateway
NVD
CVSS 2.0
4.0
EPSS
0.7%
CVE-2015-3283 MEDIUM This Month

OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Openafs
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-2058 MEDIUM This Month

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jabberd2
NVD GitHub
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-0851 MEDIUM This Month

XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Xmltooling
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-1334 MEDIUM This Month

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Lxc
NVD GitHub
CVSS 2.0
4.6
EPSS
0.1%
CVE-2015-3286 MEDIUM This Month

Buffer overflow in the Solaris kernel extension in OpenAFS before 1.6.13 allows local users to cause a denial of service (panic or deadlock) or possibly have other unspecified impact via a large. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Openafs
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2015-3282 MEDIUM This Month

vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Openafs
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-3908 MEDIUM PATCH This Month

Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Ansible
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-3187 MEDIUM This Month

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apache Subversion Xcode
NVD
CVSS 2.0
4.0
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy