Skip to main content
CVE-2013-1740 MEDIUM POC This Month

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Network Security Services
NVD
CVSS 2.0
5.8
EPSS
1.0%
CVE-2013-2037 LOW POC PATCH Monitor

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Ubuntu Linux Httplib2
NVD
CVSS 2.0
2.6
EPSS
0.5%
CVE-2013-6424 MEDIUM PATCH This Month

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman Debian Linux Opensuse +1
NVD
CVSS 2.0
5.0
EPSS
6.8%
CVE-2013-6425 MEDIUM PATCH This Month

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Integer Overflow Pixman Ubuntu Linux Debian Linux +7
NVD
CVSS 2.0
5.0
EPSS
3.0%
CVE-2014-1438 MEDIUM This Month

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Denial Of Service Linux Amd Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2014-1445 LOW PATCH Monitor

The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.0%
CVE-2014-1446 LOW PATCH Monitor

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from. Rated low severity (CVSS 1.9).

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.2%
CVE-2014-1444 LOW PATCH Monitor

The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
1.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy