Total
2548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9637 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Patch and 1 more | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | |||||
| CVE-2014-9623 | 2 Openstack, Redhat | 2 Image Registry And Delivery Service \(glance\), Openstack | 2024-11-21 | 4.0 MEDIUM | N/A |
| OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state. | |||||
| CVE-2014-9621 | 1 File Project | 1 File | 2024-11-21 | 5.0 MEDIUM | N/A |
| The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. | |||||
| CVE-2014-9620 | 1 File Project | 1 File | 2024-11-21 | 5.0 MEDIUM | N/A |
| The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. | |||||
| CVE-2014-9527 | 2 Apache, Fedoraproject | 2 Poi, Fedora | 2024-11-21 | 5.0 MEDIUM | N/A |
| HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file. | |||||
| CVE-2014-9490 | 1 Getsentry | 1 Raven-ruby | 2024-11-21 | 5.0 MEDIUM | N/A |
| The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number. | |||||
| CVE-2014-9472 | 3 Bestpractical, Debian, Fedoraproject | 3 Request Tracker, Debian Linux, Fedora | 2024-11-21 | 7.1 HIGH | N/A |
| The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email. | |||||
| CVE-2014-9465 | 2 Fedoraproject, Zarafa | 3 Fedora, Webapp, Zarafa Collaboration Platform | 2024-11-21 | 5.0 MEDIUM | N/A |
| senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files. | |||||
| CVE-2014-9428 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 HIGH | N/A |
| The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets. | |||||
| CVE-2014-9420 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. | |||||
| CVE-2014-9402 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Glibc, Opensuse | 2024-11-21 | 7.8 HIGH | N/A |
| The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process. | |||||
| CVE-2014-9228 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 4.9 MEDIUM | N/A |
| sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition. | |||||
| CVE-2014-9218 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | 5.0 MEDIUM | N/A |
| libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password. | |||||
| CVE-2014-9191 | 1 Codewrights | 1 Hart Device Type Manager | 2024-11-21 | 2.1 LOW | N/A |
| The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop. | |||||
| CVE-2014-8927 | 1 Ibm | 3 Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed | 2024-11-21 | 5.0 MEDIUM | N/A |
| Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926. | |||||
| CVE-2014-8926 | 1 Ibm | 3 Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed | 2024-11-21 | 5.0 MEDIUM | N/A |
| Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8927. | |||||
| CVE-2014-8901 | 1 Ibm | 1 Db2 | 2024-11-21 | 4.0 MEDIUM | N/A |
| IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query. | |||||
| CVE-2014-8816 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 MEDIUM | N/A |
| CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PDF document. | |||||
| CVE-2014-8714 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | N/A |
| The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2014-8712 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | N/A |
| The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||