CVE-2014-0196
- EPSS 22.48%
- Veröffentlicht 07.05.2014 10:55:04
- Zuletzt bearbeitet 21.04.2026 20:07:27
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or ...
CVE-2014-0150
- EPSS 0.71%
- Veröffentlicht 18.04.2014 14:55:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
- EPSS 0.49%
- Veröffentlicht 01.04.2014 06:35:52
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command....
CVE-2013-7347
- EPSS 0.34%
- Veröffentlicht 31.03.2014 14:58:45
- Zuletzt bearbeitet 06.05.2026 22:30:45
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-201...
CVE-2012-3359
- EPSS 0.34%
- Veröffentlicht 31.03.2014 14:58:43
- Zuletzt bearbeitet 06.05.2026 22:30:45
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability t...
CVE-2014-0055
- EPSS 0.62%
- Veröffentlicht 26.03.2014 14:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause...
CVE-2011-4111
- EPSS 2.26%
- Veröffentlicht 26.02.2014 15:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC...
CVE-2014-0081
- EPSS 4.03%
- Veröffentlicht 20.02.2014 15:27:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML ...
- EPSS 2.23%
- Veröffentlicht 10.02.2014 18:15:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...
- EPSS 2.09%
- Veröffentlicht 10.02.2014 18:15:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...