Skip to main content
CVE-2014-3531 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Foreman
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-13083 MEDIUM This Month

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE
NVD GitHub VulDB
CVSS 3.0
5.3
EPSS
0.1%
CVE-2015-3400 MEDIUM PATCH This Month

sharenfs 0.6.4, when built with commits bcdd594 and 7d08880 from the zfs repository, provides world readable access to the shared zfs file system, which might allow remote authenticated users to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Zfs
NVD GitHub
CVSS 3.0
4.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy