- EPSS 2.43%
- Veröffentlicht 22.07.2014 14:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensi...
CVE-2014-3160
- EPSS 1.34%
- Veröffentlicht 20.07.2014 11:12:50
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the...
- EPSS 1.04%
- Veröffentlicht 20.07.2014 11:12:50
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- EPSS 7.14%
- Veröffentlicht 20.07.2014 11:12:50
- Zuletzt bearbeitet 06.05.2026 22:30:45
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
- EPSS 6.52%
- Veröffentlicht 20.07.2014 11:12:50
- Zuletzt bearbeitet 06.05.2026 22:30:45
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
CVE-2014-0118
- EPSS 37.16%
- Veröffentlicht 20.07.2014 11:12:48
- Zuletzt bearbeitet 06.05.2026 22:30:45
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted req...
CVE-2014-0226
- EPSS 85.74%
- Veröffentlicht 20.07.2014 11:12:48
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a cr...
CVE-2014-3533
- EPSS 0.42%
- Veröffentlicht 19.07.2014 19:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
CVE-2014-4943
- EPSS 2.1%
- Veröffentlicht 19.07.2014 19:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
CVE-2014-3532
- EPSS 0.45%
- Veröffentlicht 19.07.2014 19:55:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, t...