CVE-2014-1690
- EPSS 3.85%
- Veröffentlicht 28.02.2014 06:18:54
- Zuletzt bearbeitet 29.04.2026 01:13:23
The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use o...
CVE-2014-1874
- EPSS 0.6%
- Veröffentlicht 28.02.2014 06:18:54
- Zuletzt bearbeitet 29.04.2026 01:13:23
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security cont...
CVE-2014-2038
- EPSS 0.41%
- Veröffentlicht 28.02.2014 06:18:54
- Zuletzt bearbeitet 29.04.2026 01:13:23
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from ke...
- EPSS 5.07%
- Veröffentlicht 18.02.2014 19:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2013-7327
- EPSS 2.68%
- Veröffentlicht 18.02.2014 11:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments t...
- EPSS 2.23%
- Veröffentlicht 10.02.2014 18:15:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...
- EPSS 2.09%
- Veröffentlicht 10.02.2014 18:15:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection ...
CVE-2012-3406
- EPSS 3.16%
- Veröffentlicht 10.02.2014 18:15:10
- Zuletzt bearbeitet 29.04.2026 01:13:23
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers...
CVE-2013-6393
- EPSS 9.31%
- Veröffentlicht 06.02.2014 22:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML docum...
CVE-2013-2038
- EPSS 4.15%
- Veröffentlicht 06.02.2014 17:00:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a termina...