Skip to main content
CVE-2014-8142 HIGH POC THREAT Act Now

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 88.3%.

Deserialization RCE PHP
NVD
CVSS 2.0
7.5
EPSS
88.3%
Threat
5.6
CVE-2014-9295 HIGH POC THREAT Act Now

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 57.3%.

RCE Buffer Overflow Ntp
NVD
CVSS 2.0
7.5
EPSS
57.3%
Threat
4.7
CVE-2014-9294 HIGH POC THREAT Act Now

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.3%.

Information Disclosure Ntp
NVD
CVSS 2.0
7.5
EPSS
33.3%
Threat
4.0
CVE-2014-9293 HIGH POC THREAT Act Now

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.3%.

Information Disclosure Ntp
NVD
CVSS 2.0
7.5
EPSS
33.3%
Threat
4.0
CVE-2014-9193 HIGH This Week

Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Mguard Firmware
NVD
CVSS 2.0
8.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy