Skip to main content
CVE-2014-8095 MEDIUM PATCH This Month

The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow Debian Linux X11 +1
NVD
CVSS 2.0
6.5
EPSS
1.1%
CVE-2014-8094 MEDIUM PATCH This Month

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server (aka xserver and xorg-server) 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Buffer Overflow Denial Of Service X Server +2
NVD
CVSS 2.0
6.5
EPSS
1.0%
CVE-2014-8096 MEDIUM PATCH This Month

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow X11 X Server +1
NVD
CVSS 2.0
6.5
EPSS
1.0%
CVE-2014-8098 MEDIUM PATCH This Month

The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Buffer Overflow Debian Linux X Server +2
NVD
CVSS 2.0
6.5
EPSS
1.0%
CVE-2014-8010 MEDIUM This Month

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Domain Manager
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-8453 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
7.7%
CVE-2014-9360 MEDIUM This Month

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Web Access
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2014-9363 MEDIUM PATCH This Month

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Open Redirect Meta Tags Quick
NVD
CVSS 2.0
5.5
EPSS
0.1%
CVE-2014-9166 MEDIUM PATCH This Month

Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows attackers to cause a denial of service (resource consumption) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Coldfusion
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2014-8091 MEDIUM PATCH This Month

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service X Server X11
NVD
CVSS 2.0
4.3
EPSS
4.8%
CVE-2014-4465 MEDIUM This Month

WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Tvos Iphone Os Safari
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2014-8601 MEDIUM This Month

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Recursor
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2014-7807 MEDIUM This Month

Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Authentication Bypass Cloudstack
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-8009 MEDIUM This Month

The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Computing System
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-8730 MEDIUM This Month

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Big Ip Local Traffic Manager Big Ip Access Policy Manager Big Ip Policy Enforcement Manager +11
NVD
CVSS 2.0
4.3
EPSS
3.1%
CVE-2014-9120 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Subrion
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-9364 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Logintoboggan
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-9361 MEDIUM PATCH This Month

The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Logintoboggan
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-9362 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Meta Tags Quick
NVD
CVSS 2.0
3.5
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy