- EPSS 3.82%
- Veröffentlicht 05.06.2014 20:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
CVE-2014-1737
- EPSS 0.49%
- Veröffentlicht 11.05.2014 21:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges b...
CVE-2014-1738
- EPSS 0.52%
- Veröffentlicht 11.05.2014 21:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from...
CVE-2014-0196
- EPSS 22.48%
- Veröffentlicht 07.05.2014 10:55:04
- Zuletzt bearbeitet 21.04.2026 20:07:27
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or ...
CVE-2014-1530
- EPSS 1.67%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...
CVE-2014-1531
- EPSS 5.59%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...
CVE-2014-1532
- EPSS 4.65%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...
CVE-2014-1518
- EPSS 5.98%
- Veröffentlicht 30.04.2014 10:49:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...
CVE-2014-1523
- EPSS 3.16%
- Veröffentlicht 30.04.2014 10:49:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat...
CVE-2014-1524
- EPSS 7.54%
- Veröffentlicht 30.04.2014 10:49:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers...