|
1381
|
-
7.5
|
HIGH
|
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
|
CWE-20
Improper Input Validation
|
CVE-2004-2771
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 08:54
2014-12-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1382
|
-
4.9
|
MEDIUM
|
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM…
|
CWE-17
Code
|
CVE-2014-8867
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:19
2014-12-2
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1383
|
5.5
4.9
|
MEDIUM
Local
|
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allow…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3690
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1384
|
7.5
7.8
|
HIGH
Network
|
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and ne…
|
CWE-20
Improper Input Validation
|
CVE-2014-3673
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1385
|
5.5
1.9
|
MEDIUM
Local
|
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a c…
|
NVD-CWE-noinfo
|
CVE-2014-3647
|
cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1386
|
5.5
4.7
|
MEDIUM
Local
|
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest O…
|
NVD-CWE-noinfo
|
CVE-2014-3646
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1387
|
4.7
4.7
|
MEDIUM
Local
|
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS cras…
|
CWE-362
Race Condition
|
CVE-2014-3611
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1388
|
-
5.0
|
MEDIUM
|
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU…
|
NVD-CWE-Other
|
CVE-2014-3660
|
cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:08
2014-11-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1389
|
-
5.0
|
MEDIUM
|
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document,…
|
NVD-CWE-Other
|
CVE-2014-8080
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 11:18
2014-11-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1390
|
3.4
4.3
|
LOW
Network
|
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a pad…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3566
|
cpe:2.3:o:redhat:enterprise_linux:5:*
|
|
|
|
|
2024-11-21 11:08
2014-10-15
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|