| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-0478 | 4.0 |
APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature.
|
08-01-2020 - 15:22 | 17-06-2014 - 14:55 | |
| CVE-2014-1453 | 4.0 |
The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause a denial of service (deadlock) via vectors involvin
|
18-03-2019 - 15:35 | 16-04-2014 - 18:37 | |
| CVE-2014-3156 | 7.5 |
Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/r
|
29-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-3865 | 6.4 |
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and
|
29-12-2017 - 02:29 | 30-05-2014 - 18:55 | |
| CVE-2014-3154 | 7.5 |
Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other im
|
29-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-3430 | 5.0 |
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an I
|
29-12-2017 - 02:29 | 14-05-2014 - 19:55 | |
| CVE-2014-3157 | 7.5 |
Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impac
|
29-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-3966 | 2.6 |
Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid u
|
29-12-2017 - 02:29 | 06-06-2014 - 14:55 | |
| CVE-2014-3864 | 6.4 |
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line.
|
29-12-2017 - 02:29 | 30-05-2014 - 18:55 | |
| CVE-2014-3155 | 5.0 |
net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance. Per http://cwe.mitre.org/data/definitio
|
29-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-2013 | 7.5 |
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element
|
29-12-2017 - 02:29 | 03-03-2014 - 16:55 | |
| CVE-2014-1545 | 10.0 |
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. Per: http://cwe.mitre.org/data/defini
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1541 | 10.0 |
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code o
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1533 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1538 | 10.0 |
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap m
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2003-0213 | 7.5 |
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
|
18-10-2016 - 02:30 | 12-05-2003 - 04:00 | |
| CVE-2014-3880 | 4.9 |
The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows
|
21-06-2014 - 04:41 | 10-06-2014 - 14:55 | |
| CVE-2014-3000 | 7.8 |
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly rea
|
21-06-2014 - 04:41 | 02-05-2014 - 14:55 |