CVE-2014-8485
- EPSS 7.49%
- Veröffentlicht 09.12.2014 23:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
- EPSS 5.08%
- Veröffentlicht 09.12.2014 23:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
- EPSS 3.44%
- Veröffentlicht 05.12.2014 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to ...
CVE-2014-8104
- EPSS 3.48%
- Veröffentlicht 03.12.2014 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
CVE-2014-9087
- EPSS 5.17%
- Veröffentlicht 01.12.2014 15:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer...
CVE-2014-9093
- EPSS 4.14%
- Veröffentlicht 26.11.2014 15:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
CVE-2014-7142
- EPSS 24.93%
- Veröffentlicht 26.11.2014 15:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
CVE-2014-1421
- EPSS 0.51%
- Veröffentlicht 25.11.2014 15:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.
CVE-2014-7817
- EPSS 0.58%
- Veröffentlicht 24.11.2014 15:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
- EPSS 19.81%
- Veröffentlicht 20.11.2014 17:50:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.