Skip to main content
CVE-2014-5160 MEDIUM This Month

Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.0% and no vendor patch available.

Path Traversal HP Data Protector
NVD
CVSS 2.0
6.4
EPSS
30.0%
CVE-2014-5045 MEDIUM POC PATCH This Month

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a. Rated medium severity (CVSS 6.2). Public exploit code available.

Denial Of Service Linux Linux Kernel Enterprise Linux Eus Enterprise Linux Server Aus +1
NVD GitHub
CVSS 2.0
6.2
EPSS
0.0%
CVE-2014-5163 MEDIUM POC This Month

The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-5165 MEDIUM POC This Month

The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-5164 MEDIUM POC This Month

The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-3302 MEDIUM This Month

user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco PHP Information Disclosure Webex Meetings Server
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2014-2627 MEDIUM This Month

Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Nonstop Netbatch
NVD
CVSS 2.0
5.2
EPSS
0.2%
CVE-2014-5162 MEDIUM This Month

The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-5161 MEDIUM This Month

The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy