| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-8964 | 5.0 |
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
|
04-08-2022 - 19:58 | 16-12-2014 - 18:59 | |
| CVE-2019-8980 | 7.8 |
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
|
02-06-2021 - 15:32 | 21-02-2019 - 05:29 | |
| CVE-2014-8991 | 2.1 |
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
|
15-03-2021 - 16:17 | 24-11-2014 - 15:59 | |
| CVE-2017-5206 | 6.8 |
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
|
03-10-2019 - 00:03 | 23-03-2017 - 16:59 | |
| CVE-2014-9030 | 7.1 |
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
|
30-10-2018 - 16:27 | 24-11-2014 - 15:59 | |
| CVE-2014-8877 | 10.0 |
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, w
|
09-10-2018 - 19:54 | 05-12-2014 - 18:59 | |
| CVE-2006-1294 | 7.5 |
PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter.
|
11-10-2017 - 01:30 | 19-03-2006 - 23:02 | |
| CVE-2003-0140 | 7.5 |
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitra
|
11-10-2017 - 01:29 | 24-03-2003 - 05:00 | |
| CVE-2008-0129 | 6.8 |
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter.
|
29-09-2017 - 01:30 | 08-01-2008 - 11:46 | |
| CVE-2014-8994 | 3.6 |
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*).
|
08-09-2017 - 01:29 | 28-11-2014 - 15:59 | |
| CVE-2009-4102 | 9.3 |
Sage 1.4.3 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed. Per info f
|
17-08-2017 - 01:31 | 29-11-2009 - 13:08 | |
| CVE-2014-9739 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors involving internal fields.
|
08-07-2015 - 15:54 | 06-07-2015 - 15:59 | |
| CVE-2014-2558 | 6.5 |
The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the cr
|
07-05-2014 - 13:23 | 06-05-2014 - 14:55 |