Skip to main content
CVE-2014-4014 MEDIUM POC This Month

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions. Rated medium severity (CVSS 6.2). Public exploit code available and no vendor patch available.

Privilege Escalation Linux Linux Kernel
NVD Exploit-DB GitHub
CVSS 2.0
6.2
EPSS
2.1%
CVE-2014-0203 MEDIUM POC PATCH This Month

The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2014-4157 MEDIUM POC PATCH This Month

arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.6
EPSS
0.0%
CVE-2014-0244 LOW Monitor

The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Epss exploitation probability 20.0% and no vendor patch available.

Denial Of Service Samba
NVD
CVSS 2.0
3.3
EPSS
20.0%
CVE-2014-1739 LOW POC Monitor

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Linux Information Disclosure Linux Kernel Ubuntu Linux Linux Enterprise High Availability Extension +2
NVD GitHub Exploit-DB
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-4508 MEDIUM This Month

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD
CVSS 2.0
4.7
EPSS
0.0%
CVE-2014-4171 MEDIUM This Month

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD
CVSS 2.0
4.7
EPSS
0.0%
CVE-2014-3493 LOW Monitor

The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon. Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Samba
NVD
CVSS 2.0
2.7
EPSS
2.4%
CVE-2014-4027 LOW PATCH Monitor

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain. Rated low severity (CVSS 2.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel Enterprise Linux Ubuntu Linux +23
NVD GitHub
CVSS 2.0
2.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy