Threats | MCERT

CVE-2014-2875 (cgilua)

11th February 2020 - 17:31

The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time| which allows remote attackers to hijac... Read more

CVE-2014-5288 (load_master)

11th February 2020 - 17:31

A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages. Link: https://web.nvd.nist.gov/view/v... Read more

CVE-2014-5468 (railo)

11th February 2020 - 17:31

A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG f... Read more

CVE-2014-8271 (edk2)

11th February 2020 - 17:31

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variabl... Read more

CVE-2019-10787 (im-resize)

11th February 2020 - 17:31

im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js| can be c... Read more

MCERT

Threat Alerts

CVE-2014-2875 (cgilua)

CVE-2014-5288 (load_master)

CVE-2014-5468 (railo)

CVE-2014-8271 (edk2)

CVE-2019-10787 (im-resize)