Skip to main content
CVE-2014-7866 HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.8%.

Path Traversal Zoho Manageengine Social It Plus Manageengine It360 Manageengine Opmanager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.8%
Threat
5.5
CVE-2014-9163 HIGH KEV THREAT Act Now

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Stack Overflow RCE Adobe Microsoft
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
3.6%
CVE-2014-8449 CRITICAL Emergency

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.6% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
34.6%
CVE-2014-8460 CRITICAL Emergency

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.1% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat Reader +3
NVD
CVSS 2.0
10.0
EPSS
30.1%
CVE-2014-9159 CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.5% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 2.0
10.0
EPSS
27.5%
CVE-2014-8457 CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 2.0
10.0
EPSS
23.0%
CVE-2014-8446 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
22.2%
CVE-2014-8496 CRITICAL POC Act Now

Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dg 5514T Adsl Router Firmware
NVD
CVSS 2.0
10.0
EPSS
1.8%
CVE-2014-8461 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8459 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8458 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8456 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8447 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8445 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-9165 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-8455 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-8454 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-9158 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
13.5%
CVE-2014-8443 CRITICAL Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
10.9%
CVE-2014-0587 CRITICAL Act Now

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.8% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +2
NVD
CVSS 2.0
10.0
EPSS
10.8%
CVE-2014-9164 CRITICAL Act Now

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +2
NVD
CVSS 2.0
10.0
EPSS
9.7%
CVE-2014-0580 CRITICAL Act Now

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
2.7%
CVE-2014-9162 CRITICAL Act Now

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2014-8451 MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
19.0%
CVE-2014-8448 MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
19.0%
CVE-2014-9091 MEDIUM POC This Month

Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Icecast
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2014-7879 HIGH PATCH This Week

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

HP RCE Authentication Bypass Hp Ux
NVD
CVSS 2.0
8.5
EPSS
0.4%
CVE-2014-8488 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Yourls Fedora
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-7809 MEDIUM PATCH This Month

Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Apache Struts
NVD
CVSS 2.0
6.8
EPSS
7.5%
CVE-2014-8298 HIGH This Week

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Nvidia Google Denial Of Service Gpu Driver +1
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2014-4466 HIGH PATCH This Week

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple RCE Buffer Overflow Iphone Os +3
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-8003 HIGH This Week

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Computing System
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-2608 HIGH This Week

Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Microsoft Smart Update Manager
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-4475 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Safari +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4474 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Itunes +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4473 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Itunes +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4472 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Safari +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4471 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Itunes +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4470 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Safari +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4469 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Itunes +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-4468 MEDIUM PATCH This Month

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Buffer Overflow Iphone Os +3
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-8452 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XXE Information Disclosure Microsoft Acrobat Reader +3
NVD
CVSS 2.0
5.0
EPSS
9.6%
CVE-2014-8103 MEDIUM PATCH This Month

X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow X Server
NVD
CVSS 2.0
6.5
EPSS
1.8%
CVE-2014-8099 MEDIUM PATCH This Month

The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow X11 X Server +1
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8100 MEDIUM PATCH This Month

The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow Xfree86 X Server +1
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8097 MEDIUM PATCH This Month

The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow X Server X11
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8093 MEDIUM PATCH This Month

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow X11 X Server +1
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8092 MEDIUM PATCH This Month

Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow X11 X Server
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8101 MEDIUM PATCH This Month

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow Xfree86 X Server +1
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2014-8102 MEDIUM PATCH This Month

The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow X Server X11 +1
NVD
CVSS 2.0
6.5
EPSS
1.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy