CVE-2014-3633
- EPSS 2.75%
- Veröffentlicht 06.10.2014 14:55:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via ...
- EPSS 2.09%
- Veröffentlicht 02.10.2014 14:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
- EPSS 2.11%
- Veröffentlicht 02.10.2014 14:55:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the pub...
CVE-2014-3186
- EPSS 0.7%
- Veröffentlicht 28.09.2014 10:55:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of...
CVE-2014-6416
- EPSS 6.17%
- Veröffentlicht 28.09.2014 10:55:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket.
CVE-2014-6418
- EPSS 4.88%
- Veröffentlicht 28.09.2014 10:55:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from t...
CVE-2014-7145
- EPSS 3.73%
- Veröffentlicht 28.09.2014 10:55:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ sh...
- EPSS 99.94%
- Veröffentlicht 25.09.2014 01:55:04
- Zuletzt bearbeitet 22.04.2026 14:32:42
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...
- EPSS 100%
- Veröffentlicht 24.09.2014 18:48:04
- Zuletzt bearbeitet 22.04.2026 16:07:22
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...
CVE-2014-3618
- EPSS 8.53%
- Veröffentlicht 08.09.2014 14:55:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."