Total
2701 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-8481 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. | ||||
CVE-2014-8480 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. | ||||
CVE-2014-8500 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Rhel Aus | 2024-08-06 | N/A |
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. | ||||
CVE-2014-8414 | 1 Digium | 2 Asterisk, Certified Asterisk | 2024-08-06 | N/A |
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from hung up to waiting for media. | ||||
CVE-2014-8333 | 2 Openstack, Redhat | 3 Nova, Enterprise Linux, Openstack | 2024-08-06 | N/A |
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state. | ||||
CVE-2014-8325 | 1 Calender Base Project | 1 Calender Base | 2024-08-06 | N/A |
The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library. | ||||
CVE-2014-8116 | 5 Canonical, File Project, Freebsd and 2 more | 5 Ubuntu Linux, File, Freebsd and 2 more | 2024-08-06 | N/A |
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. | ||||
CVE-2014-8171 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2024-08-06 | N/A |
The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup. | ||||
CVE-2014-8104 | 5 Canonical, Debian, Mageia and 2 more | 6 Ubuntu Linux, Debian Linux, Mageia and 3 more | 2024-08-06 | N/A |
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. | ||||
CVE-2014-8117 | 5 Canonical, File Project, Freebsd and 2 more | 5 Ubuntu Linux, File, Freebsd and 2 more | 2024-08-06 | N/A |
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. | ||||
CVE-2014-8020 | 1 Cisco | 1 Unified Communications Domain Manager | 2024-08-06 | N/A |
Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup25276. | ||||
CVE-2014-8016 | 1 Cisco | 1 Ironport Email Security Appliances | 2024-08-06 | N/A |
The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864. | ||||
CVE-2014-8004 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | ||||
CVE-2014-7906 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. | ||||
CVE-2014-7942 | 5 Canonical, Chromium, Google and 2 more | 9 Ubuntu Linux, Chromium, Chrome and 6 more | 2024-08-06 | N/A |
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2014-7907 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. | ||||
CVE-2014-7960 | 2 Openstack, Redhat | 3 Swift, Openstack, Storage | 2024-08-06 | N/A |
OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined. | ||||
CVE-2014-7997 | 1 Cisco | 21 Aironet 1040, Aironet 1140, Aironet 1260 and 18 more | 2024-08-06 | N/A |
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281. | ||||
CVE-2014-7900 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. | ||||
CVE-2014-7940 | 3 Google, Icu-project, Redhat | 3 Chrome, International Components For Unicode, Rhel Extras | 2024-08-06 | N/A |
The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. |