Skip to main content
CVE-2014-0069 HIGH PATCH This Week

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Linux Linux Kernel Linux Enterprise Desktop +7
NVD GitHub
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-0774 MEDIUM This Month

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Schneider Electric Ofs Test Client Tlxcdlfofs33 Ofs Test Client Tlxcdltofs33 +4
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-1690 LOW POC PATCH Monitor

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 2.0
2.6
EPSS
0.8%
CVE-2014-0759 MEDIUM This Month

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed. Rated medium severity (CVSS 5.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Microsoft Information Disclosure
NVD VulDB
CVSS 3.1
5.9
EPSS
0.7%
CVE-2014-1878 MEDIUM PATCH This Month

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Icinga Nagios
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2014-1874 MEDIUM PATCH This Month

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Linux Enterprise Server Ubuntu Linux
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-2039 MEDIUM PATCH This Month

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.0%
CVE-2014-0874 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-2038 LOW PATCH Monitor

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy