Skip to main content
CVE-2014-7284 MEDIUM POC PATCH This Month

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Intel Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
6.4
EPSS
1.0%
CVE-2014-7970 MEDIUM POC PATCH This Month

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Suse Linux Enterprise Server Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2014-7283 MEDIUM POC PATCH This Month

The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Mrg Realtime
NVD GitHub
CVSS 2.0
4.9
EPSS
0.0%
CVE-2014-8086 MEDIUM POC PATCH This Month

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Race Condition Linux Linux Kernel Suse Linux Enterprise Server
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2014-7975 MEDIUM PATCH This Month

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2014-1572 MEDIUM PATCH This Month

The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Fedora Bugzilla
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-3091 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.1.x and 7.2.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Qradar Security Information And Event Manager
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-1573 MEDIUM PATCH This Month

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Fedora Bugzilla
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2014-8747 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Commons
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2014-1571 MEDIUM PATCH This Month

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Bugzilla Fedora
NVD
CVSS 2.0
4.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy