CVE-2014-5353
- EPSS 4.97%
- Veröffentlicht 16.12.2014 23:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via...
- EPSS 6.51%
- Veröffentlicht 16.12.2014 18:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
CVE-2014-6052
- EPSS 6.76%
- Veröffentlicht 15.12.2014 18:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitra...
- EPSS 2.86%
- Veröffentlicht 12.12.2014 15:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests...
CVE-2014-8094
- EPSS 4.3%
- Veröffentlicht 10.12.2014 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbi...
CVE-2014-7142
- EPSS 24.93%
- Veröffentlicht 26.11.2014 15:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
CVE-2014-8991
- EPSS 0.39%
- Veröffentlicht 24.11.2014 15:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
- EPSS 19.81%
- Veröffentlicht 20.11.2014 17:50:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
CVE-2014-6551
- EPSS 0.39%
- Veröffentlicht 15.10.2014 22:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.
CVE-2014-6559
- EPSS 4.63%
- Veröffentlicht 15.10.2014 22:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.