Skip to main content
CVE-2014-0895 HIGH Act Now

Buffer overflow in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 3.0.1-IM-S3SAMPC-WIN32-FP001-IF02 allows remote attackers to execute arbitrary code via a crafted ComboList. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.8% and no vendor patch available.

IBM RCE Buffer Overflow Spss Samplepower
NVD VulDB
CVSS 2.0
7.5
EPSS
12.8%
CVE-2013-6210 HIGH This Week

Unspecified vulnerability in HP Unified Functional Testing before 12.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1932. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Unified Functional Testing
NVD VulDB
CVSS 2.0
7.5
EPSS
5.0%
CVE-2014-2251 HIGH PATCH This Week

The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable.

Information Disclosure Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
8.3
EPSS
0.9%
CVE-2014-2259 HIGH PATCH This Week

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
7.8
EPSS
1.6%
CVE-2014-2255 HIGH PATCH This Week

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
7.8
EPSS
1.6%
CVE-2014-1705 HIGH This Week

Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Google Buffer Overflow Microsoft +3
NVD VulDB
CVSS 2.0
7.5
EPSS
3.0%
CVE-2014-2257 HIGH PATCH This Week

Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Siemens Simatic S7 1500 Cpu Firmware
NVD VulDB
CVSS 2.0
7.8
EPSS
0.9%
CVE-2014-1713 HIGH This Week

Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Google Microsoft +1
NVD VulDB
CVSS 2.0
7.5
EPSS
2.0%
CVE-2014-1700 HIGH This Week

Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
1.4%
CVE-2014-1702 HIGH This Week

Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2014-1714 HIGH This Week

The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Microsoft Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-1710 HIGH This Week

The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Chrome Os Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.7%
CVE-2014-1703 HIGH This Week

Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-1711 HIGH This Week

The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Chrome Os Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-1715 HIGH This Week

Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Microsoft Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.2%
CVE-2014-1706 HIGH This Week

crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Code Injection Chrome Os Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.1%
CVE-2014-1707 HIGH This Week

Directory traversal vulnerability in CrosDisks in Google Chrome OS before 33.0.1750.152 has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Chrome Os Chrome
NVD VulDB
CVSS 2.0
7.5
EPSS
0.1%
CVE-2013-6208 HIGH This Week

Unspecified vulnerability in HP Smart Update Manager 5.3.5 before build 70 on Linux allows local users to gain privileges via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Smart Update Manager
NVD VulDB
CVSS 2.0
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy