CVE-2014-8098
- EPSS 5.19%
- Veröffentlicht 10.12.2014 15:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly exec...
CVE-2014-8096
- EPSS 4.62%
- Veröffentlicht 10.12.2014 15:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds rea...
CVE-2014-8095
- EPSS 4.43%
- Veröffentlicht 10.12.2014 15:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary...
CVE-2014-8094
- EPSS 4.3%
- Veröffentlicht 10.12.2014 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbi...
CVE-2014-9274
- EPSS 5.83%
- Veröffentlicht 09.12.2014 23:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
CVE-2014-3616
- EPSS 5.65%
- Veröffentlicht 08.12.2014 11:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual...
CVE-2014-8990
- EPSS 5.24%
- Veröffentlicht 05.12.2014 16:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
- EPSS 3.44%
- Veröffentlicht 05.12.2014 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to ...
CVE-2014-9157
- EPSS 5.57%
- Veröffentlicht 03.12.2014 21:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
CVE-2014-8104
- EPSS 3.48%
- Veröffentlicht 03.12.2014 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.