Max CVSS 8.5 Min CVSS 2.1 Total Count20
IDCVSSSummaryLast (major) updatePublished
CVE-2014-8354 4.3
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
09-05-2017 - 08:40 11-04-2017 - 15:59
CVE-2014-2522 4.0
curl and libcurl 7.27.0 through 7.35.0, when running on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certifica
28-04-2017 - 21:59 18-04-2014 - 18:14
CVE-2014-8355 4.3
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
17-04-2017 - 14:18 11-04-2017 - 15:59
CVE-2014-8716 2.1
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
17-04-2017 - 09:00 11-04-2017 - 15:59
CVE-2014-8562 4.3
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
17-04-2017 - 08:52 11-04-2017 - 15:59
CVE-2014-0139 5.8
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to sp
06-01-2017 - 21:59 15-04-2014 - 10:55
CVE-2014-0138 6.4
The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connec
06-01-2017 - 21:59 15-04-2014 - 10:55
CVE-2014-0015 4.0
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
02-12-2016 - 22:00 01-02-2014 - 19:55
CVE-2014-8104 6.8
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
29-08-2016 - 14:46 03-12-2014 - 13:59
CVE-2014-3686 6.8
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
26-07-2016 - 21:59 15-10-2014 - 20:55
CVE-2013-4238 4.3
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof ar
11-12-2014 - 21:59 17-08-2013 - 22:52
CVE-2014-7879 8.5
HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
11-12-2014 - 13:28 10-12-2014 - 16:59
CVE-2014-3698 5.0
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
19-11-2014 - 21:59 29-10-2014 - 06:55
CVE-2014-3696 5.0
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
19-11-2014 - 21:59 29-10-2014 - 06:55
CVE-2014-3695 5.0
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
19-11-2014 - 21:59 29-10-2014 - 06:55
CVE-2014-3677 7.5
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
13-11-2014 - 22:05 22-10-2014 - 10:55
CVE-2014-3676 7.5
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."
13-11-2014 - 22:04 22-10-2014 - 10:55
CVE-2014-3675 5.0
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.
13-11-2014 - 22:04 22-10-2014 - 10:55
CVE-2014-1263 4.3
curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltNam
05-05-2014 - 01:32 26-02-2014 - 20:55
CVE-2013-4073 6.8
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name fie
01-04-2014 - 02:22 17-08-2013 - 22:52
Back to Top Mark selected
Back to Top