CVE-2014-1705
- EPSS 4.82%
- Veröffentlicht 16.03.2014 14:06:45
- Zuletzt bearbeitet 06.05.2026 22:30:45
Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2013-6474
- EPSS 3.07%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
CVE-2013-6475
- EPSS 3.22%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer...
CVE-2013-6476
- EPSS 0.31%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
CVE-2014-2270
- EPSS 4.32%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
CVE-2014-2323
- EPSS 61.67%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
- EPSS 28.81%
- Veröffentlicht 14.03.2014 15:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
CVE-2013-6668
- EPSS 5.43%
- Veröffentlicht 05.03.2014 05:11:22
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-4590
- EPSS 9.49%
- Veröffentlicht 26.02.2014 14:55:08
- Zuletzt bearbeitet 29.04.2026 01:13:23
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML d...
- EPSS 5.07%
- Veröffentlicht 18.02.2014 19:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.