Skip to main content
CVE-2014-2671 MEDIUM POC THREAT This Month

Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 30.9%.

Denial Of Service Buffer Overflow Microsoft Windows Media Player
NVD Exploit-DB VulDB
CVSS 2.0
6.8
EPSS
30.9%
CVE-2014-0983 MEDIUM POC THREAT This Month

Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 12.0%.

RCE Google Oracle Vm Virtualbox
NVD Exploit-DB VulDB
CVSS 2.0
6.9
EPSS
12.0%
CVE-2014-0981 MEDIUM POC This Month

VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local. Rated medium severity (CVSS 4.4). Public exploit code available and no vendor patch available.

RCE Google Buffer Overflow Oracle Vm Virtualbox
NVD Exploit-DB VulDB
CVSS 2.0
4.4
EPSS
6.5%
CVE-2013-6768 MEDIUM POC This Month

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Google Superuser
NVD VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-0086 MEDIUM POC PATCH This Month

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Java Jboss Web Framework Kit Richfaces
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-0064 MEDIUM This Month

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow PostgreSQL
NVD GitHub VulDB
CVSS 2.0
6.5
EPSS
6.7%
CVE-2014-0063 MEDIUM This Month

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow PostgreSQL
NVD GitHub VulDB
CVSS 2.0
6.5
EPSS
6.0%
CVE-2014-0065 MEDIUM This Month

Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow PostgreSQL
NVD VulDB
CVSS 2.0
6.5
EPSS
4.1%
CVE-2014-2669 MEDIUM This Month

Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow PostgreSQL
NVD GitHub VulDB
CVSS 2.0
6.5
EPSS
1.2%
CVE-2014-0061 MEDIUM This Month

The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation PostgreSQL
NVD VulDB
CVSS 2.0
6.5
EPSS
0.8%
CVE-2014-0062 MEDIUM This Month

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition PostgreSQL
NVD VulDB
CVSS 2.0
4.9
EPSS
0.4%
CVE-2014-0067 MEDIUM This Month

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation PostgreSQL Mac Os X Mac Os X Server
NVD VulDB
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-0066 MEDIUM This Month

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service PostgreSQL
NVD VulDB
CVSS 2.0
4.0
EPSS
1.5%
CVE-2014-0060 MEDIUM This Month

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation PostgreSQL
NVD VulDB
CVSS 2.0
4.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy