CVE-2014-9660
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact...
CVE-2014-9659
- EPSS 7.69%
- Veröffentlicht 08.02.2015 11:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer o...
CVE-2014-9658
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a craft...
CVE-2014-9657
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a cr...
- EPSS 3.4%
- Veröffentlicht 03.02.2015 16:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.
- EPSS 3.94%
- Veröffentlicht 21.01.2015 19:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
CVE-2015-0411
- EPSS 10.04%
- Veröffentlicht 21.01.2015 19:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
CVE-2015-1196
- EPSS 6.1%
- Veröffentlicht 21.01.2015 18:59:57
- Zuletzt bearbeitet 06.05.2026 22:30:45
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
CVE-2015-1038
- EPSS 3.29%
- Veröffentlicht 21.01.2015 18:59:51
- Zuletzt bearbeitet 06.05.2026 22:30:45
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
CVE-2015-0382
- EPSS 10.07%
- Veröffentlicht 21.01.2015 18:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.