Skip to main content
CVE-2014-8157 HIGH This Week

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Opensuse Debian Linux +2
NVD
CVSS 2.0
7.5
EPSS
5.8%
CVE-2014-9572 HIGH This Week

MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Mantisbt
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2014-8148 HIGH This Week

The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Opensuse Midgard2
NVD
CVSS 2.0
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy