CVE-2014-3611
- EPSS 0.29%
- Veröffentlicht 10.11.2014 11:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
CVE-2014-3646
- EPSS 0.43%
- Veröffentlicht 10.11.2014 11:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
CVE-2014-3647
- EPSS 0.59%
- Veröffentlicht 10.11.2014 11:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
CVE-2014-3673
- EPSS 7.46%
- Veröffentlicht 10.11.2014 11:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.
CVE-2014-3687
- EPSS 8.58%
- Veröffentlicht 10.11.2014 11:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork ...
CVE-2014-3693
- EPSS 4.96%
- Veröffentlicht 07.11.2014 19:55:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP p...
CVE-2014-3640
- EPSS 0.41%
- Veröffentlicht 07.11.2014 19:55:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized s...
- EPSS 3.55%
- Veröffentlicht 06.11.2014 15:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
CVE-2014-8547
- EPSS 3.06%
- Veröffentlicht 05.11.2014 11:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.
CVE-2014-8548
- EPSS 2.4%
- Veröffentlicht 05.11.2014 11:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.