CVE List 2014

CVE Score Severity Package Description Published
CVE-2014-9984
9.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical glibc nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. June 12, 2017, 08:06 am
CVE-2014-9940
7.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. May 2, 2017, 16:05 pm
CVE-2014-9939
9.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical binutils ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. March 21, 2017, 01:03 am
CVE-2014-9938
8.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High git contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. March 19, 2017, 19:03 pm
CVE-2014-9922
7.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. April 4, 2017, 00:04 am
CVE-2014-9914
7.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. February 7, 2017, 01:02 am
CVE-2014-9913
4.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal unzip Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. January 18, 2017, 11:01 am
CVE-2014-9912
9.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical php The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. January 4, 2017, 14:01 pm
CVE-2014-9911
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
icu Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call. January 4, 2017, 14:01 pm
CVE-2014-9904
4.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
kernel The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call. June 27, 2016, 05:06 am
CVE-2014-9903
5.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call. June 27, 2016, 05:06 am
CVE-2014-9900
5.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754. August 6, 2016, 05:08 am
CVE-2014-9895
5.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739. August 6, 2016, 05:08 am
CVE-2014-9892
5.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717. August 6, 2016, 05:08 am
CVE-2014-9888
7.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. August 6, 2016, 05:08 am
CVE-2014-9870
7.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044. August 6, 2016, 05:08 am
CVE-2014-9803
7.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020. July 10, 2016, 20:07 pm
CVE-2014-9770
2.1 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
systemd tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files. April 20, 2016, 11:04 am
CVE-2014-9769
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
pcre pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset. March 28, 2016, 11:03 am
CVE-2014-9767
4.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium hiphop_virtual_machine_for_php Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. May 21, 2016, 20:05 pm
CVE-2014-9766
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
pixman Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values. April 13, 2016, 09:04 am
CVE-2014-9761
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
glibc Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. April 19, 2016, 16:04 pm
CVE-2014-9756
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libsndfile The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. November 19, 2015, 14:11 pm
CVE-2014-9750
5.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium ntp ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field. October 5, 2015, 20:10 pm
CVE-2014-9749
4.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal squid Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability." November 6, 2015, 15:11 pm
CVE-2014-9747
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. June 7, 2016, 09:06 am
CVE-2014-9746
9.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical freetype The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font. June 7, 2016, 09:06 am
CVE-2014-9745
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. September 14, 2015, 15:09 pm
CVE-2014-9730
4.9 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. August 31, 2015, 05:08 am
CVE-2014-9729
4.9 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. August 31, 2015, 05:08 am
CVE-2014-9728
4.9 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. August 31, 2015, 05:08 am
CVE-2014-9717
3.6 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
kernel fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace. May 2, 2016, 05:05 am
CVE-2014-9715
4.9 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment. May 27, 2015, 05:05 am
CVE-2014-9710
6.9 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit. May 27, 2015, 05:05 am
CVE-2014-9709
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. March 30, 2015, 05:03 am
CVE-2014-9705
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries. March 30, 2015, 05:03 am
CVE-2014-9683
3.6 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename. March 3, 2015, 05:03 am
CVE-2014-9680
3.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low sudo sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives. April 24, 2017, 01:04 am
CVE-2014-9679
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal cups Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. February 19, 2015, 09:02 am
CVE-2014-9675
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font. February 8, 2015, 05:02 am
CVE-2014-9674
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. February 8, 2015, 05:02 am
CVE-2014-9673
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. February 8, 2015, 05:02 am
CVE-2014-9672
5.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file. February 8, 2015, 05:02 am
CVE-2014-9671
4.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented. February 8, 2015, 05:02 am
CVE-2014-9670
4.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. February 8, 2015, 05:02 am
CVE-2014-9669
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table. February 8, 2015, 05:02 am
CVE-2014-9668
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file. February 8, 2015, 05:02 am
CVE-2014-9667
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table. February 8, 2015, 05:02 am
CVE-2014-9666
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap. February 8, 2015, 05:02 am
CVE-2014-9665
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file. February 8, 2015, 05:02 am
CVE-2014-9664
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c. February 8, 2015, 05:02 am
CVE-2014-9662
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font. February 8, 2015, 05:02 am
CVE-2014-9661
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font. February 8, 2015, 05:02 am
CVE-2014-9660
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. February 8, 2015, 05:02 am
CVE-2014-9659
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240. February 8, 2015, 05:02 am
CVE-2014-9658
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. February 8, 2015, 05:02 am
CVE-2014-9657
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. February 8, 2015, 05:02 am
CVE-2014-9656
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious freetype The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font. February 8, 2015, 05:02 am
CVE-2014-9655
4.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
tiff The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif. April 13, 2016, 12:04 pm
CVE-2014-9653
7.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php file readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. March 30, 2015, 05:03 am
CVE-2014-9652
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php file The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. March 30, 2015, 05:03 am
CVE-2014-9650
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal rabbitmq CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions. January 27, 2015, 14:01 pm
CVE-2014-9649
4.3 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal rabbitmq Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message. January 27, 2015, 14:01 pm
CVE-2014-9645
4.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command. March 12, 2017, 00:03 am
CVE-2014-9644
2.1 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421. March 2, 2015, 05:03 am
CVE-2014-9637
5.5 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal patch GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. August 25, 2017, 13:08 pm
CVE-2014-9636
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium unzip unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. February 6, 2015, 09:02 am
CVE-2014-9622
6.8 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal xdg-utils Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. January 21, 2015, 12:01 pm
CVE-2014-9621
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. January 21, 2015, 12:01 pm
CVE-2014-9620
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. January 21, 2015, 12:01 pm
CVE-2014-9585
2.1 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD. January 9, 2015, 15:01 pm
CVE-2014-9584
2.1 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image. January 9, 2015, 15:01 pm
CVE-2014-9529
7.2 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. January 9, 2015, 15:01 pm
CVE-2014-9527
5.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal poi HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file. January 6, 2015, 09:01 am
CVE-2014-9512
6.4 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal rsync rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. February 12, 2015, 10:02 am
CVE-2014-9496
10.0 MV Product/Version
affected:
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical libsndfile The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. January 16, 2015, 10:01 am
CVE-2014-9495
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High libpng Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. January 10, 2015, 13:01 pm
CVE-2014-9494
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal rabbitmq RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwarded-For header. January 20, 2015, 09:01 am
CVE-2014-9488
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical less The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read. April 14, 2015, 13:04 pm
CVE-2014-9471
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious coreutils The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command. January 16, 2015, 10:01 am
CVE-2014-9447
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium elfutils Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program. January 2, 2015, 14:01 pm
CVE-2014-9428
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets. January 2, 2015, 15:01 pm
CVE-2014-9426
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php ** DISPUTED ** The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable. December 30, 2014, 20:12 pm
CVE-2014-9425
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. December 30, 2014, 20:12 pm
CVE-2014-9420
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. December 25, 2014, 18:12 pm
CVE-2014-9419
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address. December 25, 2014, 18:12 pm
CVE-2014-9410
9.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical kernel The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. August 7, 2016, 16:08 pm
CVE-2014-9403
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal znc The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error. December 19, 2014, 09:12 am
CVE-2014-9402
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High glibc The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being processed. February 24, 2015, 09:02 am
CVE-2014-9358
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal docker Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications." December 16, 2014, 12:12 pm
CVE-2014-9357
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical docker Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction. December 16, 2014, 12:12 pm
CVE-2014-9330
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium tiff Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read. January 20, 2015, 09:01 am
CVE-2014-9322
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. December 17, 2014, 05:12 am
CVE-2014-9298
0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage. October 5, 2015, 20:10 pm
CVE-2014-9297
0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage. October 5, 2015, 20:10 pm
CVE-2014-9296
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium ntp The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets. December 19, 2014, 20:12 pm
CVE-2014-9295
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High ntp Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. December 19, 2014, 20:12 pm
CVE-2014-9294
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High ntp util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. December 19, 2014, 20:12 pm
CVE-2014-9293
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High ntp The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. December 19, 2014, 20:12 pm
CVE-2014-9278
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssh The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. December 6, 2014, 09:12 am
CVE-2014-9221
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal strongswan strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025. January 7, 2015, 13:01 pm
CVE-2014-9219
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter. December 8, 2014, 05:12 am
CVE-2014-9218
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password. December 8, 2014, 05:12 am
CVE-2014-9140
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium tcpdump Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PPP packet. December 5, 2014, 10:12 am
CVE-2014-9130
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium libyaml scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping. December 8, 2014, 10:12 am
CVE-2014-9114
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious util-linux Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. March 31, 2017, 11:03 am
CVE-2014-9112
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium cpio Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. December 2, 2014, 10:12 am
CVE-2014-9090
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. November 29, 2014, 19:11 pm
CVE-2014-8991
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low pip pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. November 24, 2014, 09:11 am
CVE-2014-8989
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c. November 29, 2014, 19:11 pm
CVE-2014-8964
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium pcre Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. December 16, 2014, 12:12 pm
CVE-2014-8960
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename. November 30, 2014, 05:11 am
CVE-2014-8959
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter. November 30, 2014, 05:11 am
CVE-2014-8958
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page. November 30, 2014, 05:11 am
CVE-2014-8884
6.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. November 29, 2014, 19:11 pm
CVE-2014-8873
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical openjdk A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file. November 9, 2015, 10:11 am
CVE-2014-8769
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium tcpdump tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. November 20, 2014, 11:11 am
CVE-2014-8768
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal tcpdump Multiple integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. November 20, 2014, 11:11 am
CVE-2014-8767
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium tcpdump Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. November 20, 2014, 11:11 am
CVE-2014-8747
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal commons Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content creation and activity stream messages. October 13, 2014, 13:10 pm
CVE-2014-8738
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium binutils The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive. January 15, 2015, 09:01 am
CVE-2014-8737
3.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low binutils Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. December 9, 2014, 17:12 pm
CVE-2014-8714
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. November 22, 2014, 20:11 pm
CVE-2014-8713
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. November 22, 2014, 20:11 pm
CVE-2014-8712
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. November 22, 2014, 20:11 pm
CVE-2014-8711
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet. November 22, 2014, 20:11 pm
CVE-2014-8710
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. November 22, 2014, 20:11 pm
CVE-2014-8709
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. November 10, 2014, 05:11 am
CVE-2014-8680
5.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium bind The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options. December 10, 2014, 20:12 pm
CVE-2014-8626
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding. November 22, 2014, 20:11 pm
CVE-2014-8625
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal dpkg Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. January 20, 2015, 09:01 am
CVE-2014-8564
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs. November 13, 2014, 15:11 pm
CVE-2014-8559
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-8504
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High binutils Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file. December 9, 2014, 17:12 pm
CVE-2014-8503
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High binutils Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. December 9, 2014, 17:12 pm
CVE-2014-8502
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High binutils Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file. December 9, 2014, 17:12 pm
CVE-2014-8501
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High binutils The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable. December 9, 2014, 17:12 pm
CVE-2014-8500
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bind ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. December 10, 2014, 20:12 pm
CVE-2014-8485
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High binutils The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file. December 9, 2014, 17:12 pm
CVE-2014-8484
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium binutils The srec_scan function in bfd/srec.c in libbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record. December 9, 2014, 17:12 pm
CVE-2014-8481
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. November 10, 2014, 05:11 am
CVE-2014-8480
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-8369
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601. November 10, 2014, 05:11 am
CVE-2014-8346
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious mobile The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic. October 24, 2014, 05:10 am
CVE-2014-8326
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page. November 5, 2014, 05:11 am
CVE-2014-8272
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal ipmi The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. December 19, 2014, 05:12 am
CVE-2014-8176
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High openssl The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data. June 12, 2015, 14:06 pm
CVE-2014-8173
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock. March 16, 2015, 05:03 am
CVE-2014-8172
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations. March 16, 2015, 05:03 am
CVE-2014-8166
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious cups The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name. January 12, 2018, 11:01 am
CVE-2014-8160
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. March 2, 2015, 05:03 am
CVE-2014-8159
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/. March 16, 2015, 05:03 am
CVE-2014-8155
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal gnutls GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid. August 14, 2015, 13:08 pm
CVE-2014-8154
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious vala The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow. January 27, 2015, 14:01 pm
CVE-2014-8151
5.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libcurl The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. January 15, 2015, 09:01 am
CVE-2014-8150
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libcurl CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL. January 15, 2015, 09:01 am
CVE-2014-8143
8.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High samba Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation. January 16, 2015, 20:01 pm
CVE-2014-8142
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High php Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019. December 20, 2014, 05:12 am
CVE-2014-8141
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. June 23, 2015, 16:06 pm
CVE-2014-8140
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. June 23, 2015, 16:06 pm
CVE-2014-8139
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. June 23, 2015, 16:06 pm
CVE-2014-8136
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low libvirt The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allows local users to cause a denial of service via unspecified vectors. December 19, 2014, 09:12 am
CVE-2014-8135
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low libvirt The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command. December 19, 2014, 09:12 am
CVE-2014-8134
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. December 12, 2014, 12:12 pm
CVE-2014-8133
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value. December 17, 2014, 05:12 am
CVE-2014-8131
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libvirt The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access a domain that the user does not have privileges to access. January 6, 2015, 09:01 am
CVE-2014-8130
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. April 21, 2016, 18:04 pm
CVE-2014-8129
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. April 21, 2016, 11:04 am
CVE-2014-8128
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. April 21, 2016, 18:04 pm
CVE-2014-8127
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool. June 26, 2017, 10:06 am
CVE-2014-8121
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium glibc DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset. March 27, 2015, 09:03 am
CVE-2014-8119
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious netcf The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions. December 29, 2017, 16:12 pm
CVE-2014-8118
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical rpm Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow. December 16, 2014, 12:12 pm
CVE-2014-8117
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. December 17, 2014, 13:12 pm
CVE-2014-8116
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal file The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. December 17, 2014, 13:12 pm
CVE-2014-8108
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal subversion The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist. December 18, 2014, 09:12 am
CVE-2014-8106
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-1320. December 8, 2014, 10:12 am
CVE-2014-8104
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openvpn OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. December 3, 2014, 12:12 pm
CVE-2014-8102
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length value. December 10, 2014, 09:12 am
CVE-2014-8101
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function. December 10, 2014, 09:12 am
CVE-2014-8100
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcRenderQueryVersion, (2) SProcRenderQueryVersion, (3) SProcRenderQueryPictFormats, (4) SProcRenderQueryPictIndexValues, (5) SProcRenderCreatePicture, (6) SProcRenderChangePicture, (7) SProcRenderSetPictureClipRectangles, (8) SProcRenderFreePicture, (9) SProcRenderComposite, (10) SProcRenderScale, (11) SProcRenderCreateGlyphSet, (12) SProcRenderReferenceGlyphSet, (13) SProcRenderFreeGlyphSet, (14) SProcRenderFreeGlyphs, or (15) SProcRenderCompositeGlyphs function. December 10, 2014, 09:12 am
CVE-2014-8099
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function. December 10, 2014, 09:12 am
CVE-2014-8097
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function. December 10, 2014, 09:12 am
CVE-2014-8096
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value. December 10, 2014, 09:12 am
CVE-2014-8095
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 The XInput extension in X.Org X Window System (aka X11 or X) X11R4 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXChangeDeviceControl, (2) ProcXChangeDeviceControl, (3) ProcXChangeFeedbackControl, (4) ProcXSendExtensionEvent, (5) SProcXIAllowEvents, (6) SProcXIChangeCursor, (7) ProcXIChangeHierarchy, (8) SProcXIGetClientPointer, (9) SProcXIGrabDevice, (10) SProcXIUngrabDevice, (11) ProcXIUngrabDevice, (12) SProcXIPassiveGrabDevice, (13) ProcXIPassiveGrabDevice, (14) SProcXIPassiveUngrabDevice, (15) ProcXIPassiveUngrabDevice, (16) SProcXListDeviceProperties, (17) SProcXDeleteDeviceProperty, (18) SProcXIListProperties, (19) SProcXIDeleteProperty, (20) SProcXIGetProperty, (21) SProcXIQueryDevice, (22) SProcXIQueryPointer, (23) SProcXISelectEvents, (24) SProcXISetClientPointer, (25) SProcXISetFocus, (26) SProcXIGetFocus, or (27) SProcXIWarpPointer function. December 10, 2014, 09:12 am
CVE-2014-8093
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) __glXDisp_ReadPixels, (2) __glXDispSwap_ReadPixels, (3) __glXDisp_GetTexImage, (4) __glXDispSwap_GetTexImage, (5) GetSeparableFilter, (6) GetConvolutionFilter, (7) GetHistogram, (8) GetMinmax, (9) GetColorTable, (10) __glXGetAnswerBuffer, (11) __GLX_GET_ANSWER_BUFFER, (12) __glXMap1dReqSize, (13) __glXMap1fReqSize, (14) Map2Size, (15) __glXMap2dReqSize, (16) __glXMap2fReqSize, (17) __glXImageSize, or (18) __glXSeparableFilter2DReqSize function, which triggers an out-of-bounds read or write. December 10, 2014, 09:12 am
CVE-2014-8092
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 Multiple integer overflows in X.Org X Window System (aka X11 or X) X11R1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to the (1) ProcPutImage, (2) GetHosts, (3) RegionSizeof, or (4) REQUEST_FIXED_SIZE function, which triggers an out-of-bounds read or write. December 10, 2014, 09:12 am
CVE-2014-8091
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal x11 X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request. December 10, 2014, 09:12 am
CVE-2014-8090
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal ruby The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080. November 21, 2014, 09:11 am
CVE-2014-8086
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag. October 13, 2014, 05:10 am
CVE-2014-8080
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal ruby The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. November 3, 2014, 10:11 am
CVE-2014-7975
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call. October 13, 2014, 05:10 am
CVE-2014-7970
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. October 13, 2014, 05:10 am
CVE-2014-7843
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. November 29, 2014, 19:11 pm
CVE-2014-7842
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313. November 29, 2014, 19:11 pm
CVE-2014-7841
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. November 29, 2014, 19:11 pm
CVE-2014-7840
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious qemu The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data. December 12, 2014, 09:12 am
CVE-2014-7826
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-7825
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application. November 10, 2014, 05:11 am
CVE-2014-7824
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1. November 18, 2014, 09:11 am
CVE-2014-7823
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium libvirt The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag. November 13, 2014, 15:11 pm
CVE-2014-7822
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. March 16, 2015, 05:03 am
CVE-2014-7817
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium glibc The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))". November 24, 2014, 09:11 am
CVE-2014-7815
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. November 14, 2014, 09:11 am
CVE-2014-7284
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values. October 13, 2014, 05:10 am
CVE-2014-7283
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations. October 13, 2014, 05:10 am
CVE-2014-7217
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php. October 2, 2014, 20:10 pm
CVE-2014-7207
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access. November 10, 2014, 05:11 am
CVE-2014-7206
3.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low apt The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file. October 15, 2014, 09:10 am
CVE-2014-7189
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal go crypto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors. October 7, 2014, 09:10 am
CVE-2014-7187
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue. September 28, 2014, 14:09 pm
CVE-2014-7186
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue. September 28, 2014, 14:09 pm
CVE-2014-7185
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium python Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. October 8, 2014, 12:10 pm
CVE-2014-7169
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. September 24, 2014, 20:09 pm
CVE-2014-7145
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. September 28, 2014, 05:09 am
CVE-2014-7142
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium squid The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size. November 26, 2014, 09:11 am
CVE-2014-7141
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium squid The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet. November 26, 2014, 09:11 am
CVE-2014-6568
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. January 21, 2015, 09:01 am
CVE-2014-6564
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. October 15, 2014, 17:10 pm
CVE-2014-6559
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. October 15, 2014, 17:10 pm
CVE-2014-6555
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. October 15, 2014, 17:10 pm
CVE-2014-6551
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN. October 15, 2014, 17:10 pm
CVE-2014-6530
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP. October 15, 2014, 17:10 pm
CVE-2014-6520
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL. October 15, 2014, 17:10 pm
CVE-2014-6507
8.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. October 15, 2014, 17:10 pm
CVE-2014-6505
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE. October 15, 2014, 17:10 pm
CVE-2014-6500
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. October 15, 2014, 17:10 pm
CVE-2014-6496
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494. October 15, 2014, 17:10 pm
CVE-2014-6495
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL. October 15, 2014, 17:10 pm
CVE-2014-6494
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. October 15, 2014, 17:10 pm
CVE-2014-6491
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500. October 15, 2014, 17:10 pm
CVE-2014-6489
5.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP. October 15, 2014, 17:10 pm
CVE-2014-6484
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML. October 15, 2014, 10:10 am
CVE-2014-6478
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL. October 15, 2014, 10:10 am
CVE-2014-6474
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED. October 15, 2014, 10:10 am
CVE-2014-6469
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER. October 15, 2014, 10:10 am
CVE-2014-6464
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql mariadb Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS. October 15, 2014, 10:10 am
CVE-2014-6463
3.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML. October 15, 2014, 10:10 am
CVE-2014-6438
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious ruby The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string. September 6, 2017, 16:09 pm
CVE-2014-6432
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file. September 20, 2014, 05:09 am
CVE-2014-6431
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer. September 20, 2014, 05:09 am
CVE-2014-6430
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file. September 20, 2014, 05:09 am
CVE-2014-6429
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file. September 20, 2014, 05:09 am
CVE-2014-6428
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. September 20, 2014, 05:09 am
CVE-2014-6427
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position. September 20, 2014, 05:09 am
CVE-2014-6426
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. September 20, 2014, 05:09 am
CVE-2014-6424
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet. September 20, 2014, 05:09 am
CVE-2014-6423
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line. September 20, 2014, 05:09 am
CVE-2014-6422
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector. September 20, 2014, 05:09 am
CVE-2014-6421
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors. September 20, 2014, 05:09 am
CVE-2014-6418
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. September 28, 2014, 05:09 am
CVE-2014-6417
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. September 28, 2014, 05:09 am
CVE-2014-6416
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. September 28, 2014, 05:09 am
CVE-2014-6410
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. September 28, 2014, 05:09 am
CVE-2014-6408
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal docker Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image. December 12, 2014, 09:12 am
CVE-2014-6407
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious docker Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. December 12, 2014, 09:12 am
CVE-2014-6300
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js. November 8, 2014, 05:11 am
CVE-2014-6278
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277. September 30, 2014, 05:09 am
CVE-2014-6277
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169. September 27, 2014, 17:09 pm
CVE-2014-6273
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal apt Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL. September 30, 2014, 09:09 am
CVE-2014-6272
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High libevent Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later. August 24, 2015, 09:08 am
CVE-2014-6271
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High bash GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. September 24, 2014, 13:09 pm
CVE-2014-6270
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium squid Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow. September 12, 2014, 09:09 am
CVE-2014-6184
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. February 21, 2015, 20:02 pm
CVE-2014-6040
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium glibc GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8. December 5, 2014, 10:12 am
CVE-2014-5797
5.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal smart The smart (aka nh.smart) application 3.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. September 9, 2014, 05:09 am
CVE-2014-5472
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. August 31, 2014, 20:08 pm
CVE-2014-5471
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. August 31, 2014, 20:08 pm
CVE-2014-5461
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal lua Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments. September 4, 2014, 12:09 pm
CVE-2014-5459
3.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low php The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions. September 27, 2014, 05:09 am
CVE-2014-5455
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal openvpn Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0, allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. August 25, 2014, 11:08 am
CVE-2014-5429
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal power DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets. December 6, 2014, 09:12 am
CVE-2014-5388
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium qemu Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. November 15, 2014, 15:11 pm
CVE-2014-5332
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. February 6, 2015, 05:02 am
CVE-2014-5277
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal docker Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. November 17, 2014, 10:11 am
CVE-2014-5274
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. August 21, 2014, 20:08 pm
CVE-2014-5273
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php. August 21, 2014, 20:08 pm
CVE-2014-5270
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low libgcrypt Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576. October 9, 2014, 20:10 pm
CVE-2014-5263
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors. August 26, 2014, 09:08 am
CVE-2014-5256
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal nodejs Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack. September 5, 2014, 12:09 pm
CVE-2014-5207
6.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace. August 18, 2014, 06:08 am
CVE-2014-5206
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace. August 18, 2014, 06:08 am
CVE-2014-5177
1.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low enterprise_virtualization libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors. August 3, 2014, 13:08 pm
CVE-2014-5165
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet. August 1, 2014, 06:08 am
CVE-2014-5164
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. August 1, 2014, 06:08 am
CVE-2014-5163
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. August 1, 2014, 06:08 am
CVE-2014-5139
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client. August 13, 2014, 18:08 pm
CVE-2014-5120
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. August 22, 2014, 20:08 pm
CVE-2014-5119
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High glibc Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules. August 29, 2014, 11:08 am
CVE-2014-5116
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal cairo The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string. July 29, 2014, 09:07 am
CVE-2014-5077
5.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction. August 1, 2014, 06:08 am
CVE-2014-5045
6.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program. August 1, 2014, 06:08 am
CVE-2014-5031
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium cups The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtain sensitive information via unspecified vectors. July 29, 2014, 09:07 am
CVE-2014-5030
1.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low cups CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. July 29, 2014, 09:07 am
CVE-2014-5029
1.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low cups The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. July 29, 2014, 09:07 am
CVE-2014-4987
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal phpmyadmin server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request. July 20, 2014, 06:07 am
CVE-2014-4986
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) table name or (2) column name that is improperly handled during construction of an AJAX confirmation message. July 20, 2014, 06:07 am
CVE-2014-4975
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal ruby Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow. November 15, 2014, 14:11 pm
CVE-2014-4955
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page. July 20, 2014, 06:07 am
CVE-2014-4954
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page. July 20, 2014, 06:07 am
CVE-2014-4943
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. July 19, 2014, 14:07 pm
CVE-2014-4910
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal xf86-video-intel Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name. July 24, 2014, 09:07 am
CVE-2014-4877
9.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High wget Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink. October 29, 2014, 05:10 am
CVE-2014-4768
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low uefi IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot mode. June 28, 2015, 17:06 pm
CVE-2014-4721
2.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low php The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php. July 6, 2014, 18:07 pm
CVE-2014-4715
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium lz4 Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611. July 2, 2014, 23:07 pm
CVE-2014-4699
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls. July 9, 2014, 06:07 am
CVE-2014-4698
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments. July 10, 2014, 06:07 am
CVE-2014-4670
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments. July 10, 2014, 06:07 am
CVE-2014-4668
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal cherokee The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password. July 1, 2014, 23:07 pm
CVE-2014-4667
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. July 2, 2014, 23:07 pm
CVE-2014-4656
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function. July 2, 2014, 23:07 pm
CVE-2014-4655
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. July 2, 2014, 23:07 pm
CVE-2014-4654
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call. July 2, 2014, 23:07 pm
CVE-2014-4653
6.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. July 2, 2014, 23:07 pm
CVE-2014-4652
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. July 2, 2014, 23:07 pm
CVE-2014-4617
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnupg The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. June 25, 2014, 06:06 am
CVE-2014-4616
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. August 24, 2017, 15:08 pm
CVE-2014-4611
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715. July 2, 2014, 23:07 pm
CVE-2014-4608
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel ** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype." July 2, 2014, 23:07 pm
CVE-2014-4607
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. April 1, 2015, 20:04 pm
CVE-2014-4508
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. June 23, 2014, 06:06 am
CVE-2014-4349
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action. June 25, 2014, 06:06 am
CVE-2014-4348
3.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables. June 25, 2014, 06:06 am
CVE-2014-4330
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low perl The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. September 30, 2014, 11:09 am
CVE-2014-4323
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application. December 12, 2014, 05:12 am
CVE-2014-4322
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application. December 24, 2014, 09:12 am
CVE-2014-4287
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS. October 15, 2014, 10:10 am
CVE-2014-4274
4.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM. October 15, 2014, 10:10 am
CVE-2014-4260
5.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR. July 17, 2014, 06:07 am
CVE-2014-4258
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC. July 17, 2014, 06:07 am
CVE-2014-4243
2.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED. July 17, 2014, 06:07 am
CVE-2014-4240
3.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP. July 17, 2014, 06:07 am
CVE-2014-4238
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. July 17, 2014, 06:07 am
CVE-2014-4233
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP. July 17, 2014, 06:07 am
CVE-2014-4214
3.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP. July 17, 2014, 00:07 am
CVE-2014-4207
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. July 17, 2014, 00:07 am
CVE-2014-4174
9.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical wireshark wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet. June 18, 2014, 11:06 am
CVE-2014-4171
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call. June 23, 2014, 06:06 am
CVE-2014-4157
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem. June 23, 2014, 06:06 am
CVE-2014-4049
5.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function. June 18, 2014, 14:06 pm
CVE-2014-4043
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High glibc The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities. October 6, 2014, 18:10 pm
CVE-2014-4027
2.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. June 23, 2014, 06:06 am
CVE-2014-4020
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. June 18, 2014, 11:06 am
CVE-2014-4014
6.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root. June 23, 2014, 06:06 am
CVE-2014-3985
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. September 11, 2014, 13:09 pm
CVE-2014-3981
3.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low php acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. June 8, 2014, 13:06 pm
CVE-2014-3970
2.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low pulseaudio The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet. June 11, 2014, 09:06 am
CVE-2014-3940
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium enterprise_mrg The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c. June 5, 2014, 12:06 pm
CVE-2014-3917
3.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low enterprise_mrg kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. June 5, 2014, 12:06 pm
CVE-2014-3859
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium bind libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv. June 13, 2014, 06:06 am
CVE-2014-3710
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. November 5, 2014, 05:11 am
CVE-2014-3707
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libcurl The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information. November 15, 2014, 14:11 pm
CVE-2014-3690
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. November 10, 2014, 05:11 am
CVE-2014-3689
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious qemu The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling. November 14, 2014, 09:11 am
CVE-2014-3687
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. November 10, 2014, 05:11 am
CVE-2014-3686
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wpa_supplicant wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allow remote attackers to execute arbitrary commands via a crafted frame. October 15, 2014, 19:10 pm
CVE-2014-3683
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal sysklogd Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634. November 1, 2014, 19:11 pm
CVE-2014-3673
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. November 10, 2014, 05:11 am
CVE-2014-3672
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
libvirt The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. May 25, 2016, 10:05 am
CVE-2014-3670
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function. October 29, 2014, 05:10 am
CVE-2014-3669
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High php Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value. October 29, 2014, 05:10 am
CVE-2014-3668
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation. October 29, 2014, 05:10 am
CVE-2014-3660
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium libxml2 parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. November 4, 2014, 10:11 am
CVE-2014-3657
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libvirt The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command. October 6, 2014, 09:10 am
CVE-2014-3647
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-3646
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-3645
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. November 10, 2014, 05:11 am
CVE-2014-3640
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low qemu The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a UDP packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. November 7, 2014, 13:11 pm
CVE-2014-3639
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections. September 22, 2014, 10:09 am
CVE-2014-3638
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls. September 22, 2014, 10:09 am
CVE-2014-3637
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-Bus message containing a D-Bus connection file descriptor. September 22, 2014, 10:09 am
CVE-2014-3636
1.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call. October 25, 2014, 15:10 pm
CVE-2014-3635
4.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium d-bus Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure. September 22, 2014, 10:09 am
CVE-2014-3634
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious sysklogd rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access. November 1, 2014, 19:11 pm
CVE-2014-3633
5.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libvirt The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. October 6, 2014, 09:10 am
CVE-2014-3631
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation. September 28, 2014, 05:09 am
CVE-2014-3620
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium curl cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. November 18, 2014, 09:11 am
CVE-2014-3616
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal nginx nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks. December 8, 2014, 05:12 am
CVE-2014-3615
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low qemu The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution. November 1, 2014, 18:11 pm
CVE-2014-3613
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium curl cURL and libcurl before 7.38.0 do not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. November 18, 2014, 09:11 am
CVE-2014-3611
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. November 10, 2014, 05:11 am
CVE-2014-3610
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c. November 10, 2014, 05:11 am
CVE-2014-3609
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium squid HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values." September 11, 2014, 13:09 pm
CVE-2014-3601
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. August 31, 2014, 20:08 pm
CVE-2014-3597
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. August 22, 2014, 20:08 pm
CVE-2014-3589
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal python-imaging PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size. August 25, 2014, 09:08 am
CVE-2014-3587
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. August 22, 2014, 20:08 pm
CVE-2014-3581
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal apache2 The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. October 10, 2014, 05:10 am
CVE-2014-3580
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal subversion The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist. December 18, 2014, 09:12 am
CVE-2014-3574
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal poi Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack. September 4, 2014, 12:09 pm
CVE-2014-3572
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. January 8, 2015, 20:01 pm
CVE-2014-3571
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c. January 8, 2015, 20:01 pm
CVE-2014-3570
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. January 8, 2015, 20:01 pm
CVE-2014-3569
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix. December 24, 2014, 05:12 am
CVE-2014-3568
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. October 18, 2014, 20:10 pm
CVE-2014-3567
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High openssl Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. October 18, 2014, 20:10 pm
CVE-2014-3566
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
openssl The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. October 14, 2014, 19:10 pm
CVE-2014-3565
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium net-snmp snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. October 7, 2014, 09:10 am
CVE-2014-3564
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal gpgme Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order." October 20, 2014, 12:10 pm
CVE-2014-3560
7.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High samba NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h. August 6, 2014, 13:08 pm
CVE-2014-3556
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal nginx The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. December 29, 2014, 14:12 pm
CVE-2014-3538
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. July 3, 2014, 09:07 am
CVE-2014-3537
1.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low cups The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. July 23, 2014, 09:07 am
CVE-2014-3535
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious kernel include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface. September 28, 2014, 14:09 pm
CVE-2014-3534
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call. August 1, 2014, 06:08 am
CVE-2014-3529
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal poi The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. September 4, 2014, 12:09 pm
CVE-2014-3528
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal subversion Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm. August 19, 2014, 13:08 pm
CVE-2014-3522
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal subversion The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. August 19, 2014, 13:08 pm
CVE-2014-3515
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High php The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage. July 9, 2014, 06:07 am
CVE-2014-3513
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High openssl Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. October 18, 2014, 20:10 pm
CVE-2014-3512
7.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High openssl Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter. August 13, 2014, 18:08 pm
CVE-2014-3511
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue. August 13, 2014, 18:08 pm
CVE-2014-3510
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. August 13, 2014, 18:08 pm
CVE-2014-3509
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data. August 13, 2014, 18:08 pm
CVE-2014-3507
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function. August 13, 2014, 18:08 pm
CVE-2014-3506
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. August 13, 2014, 18:08 pm
CVE-2014-3505
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition. August 13, 2014, 18:08 pm
CVE-2014-3499
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious docker Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors. July 11, 2014, 09:07 am
CVE-2014-3493
2.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low samba The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. June 23, 2014, 09:06 am
CVE-2014-3487
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. July 9, 2014, 06:07 am
CVE-2014-3480
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. July 9, 2014, 06:07 am
CVE-2014-3479
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file. July 9, 2014, 06:07 am
CVE-2014-3478
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. July 9, 2014, 06:07 am
CVE-2014-3477
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low d-bus The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4 sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service. July 1, 2014, 12:07 pm
CVE-2014-3471
4.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices. January 12, 2018, 11:01 am
CVE-2014-3470
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. June 5, 2014, 16:06 pm
CVE-2014-3469
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allow context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. June 5, 2014, 15:06 pm
CVE-2014-3468
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. June 5, 2014, 15:06 pm
CVE-2014-3467
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. June 5, 2014, 15:06 pm
CVE-2014-3466
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. June 3, 2014, 09:06 am
CVE-2014-3465
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal gnutls The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. June 10, 2014, 09:06 am
CVE-2014-3461
6.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks." November 4, 2014, 15:11 pm
CVE-2014-3227
6.4 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal dpkg dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but are supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this vulnerability exists because of reliance on unrealistic constraints on the behavior of an external program. May 30, 2014, 13:05 pm
CVE-2014-3215
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium policycoreutils seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges. May 8, 2014, 05:05 am
CVE-2014-3214
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium bind The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes. May 8, 2014, 20:05 pm
CVE-2014-3186
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. September 28, 2014, 05:09 am
CVE-2014-3185
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. September 28, 2014, 05:09 am
CVE-2014-3184
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. September 28, 2014, 05:09 am
CVE-2014-3183
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. September 28, 2014, 05:09 am
CVE-2014-3182
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value. September 28, 2014, 05:09 am
CVE-2014-3181
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event. September 28, 2014, 05:09 am
CVE-2014-3153
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High enterprise_mrg The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. June 7, 2014, 09:06 am
CVE-2014-3145
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. May 11, 2014, 16:05 pm
CVE-2014-3144
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. May 11, 2014, 16:05 pm
CVE-2014-3127
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious dpkg dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471. May 13, 2014, 19:05 pm
CVE-2014-3122
4.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings. May 11, 2014, 16:05 pm
CVE-2014-3121
7.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious rxvt-unicode rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands. May 13, 2014, 19:05 pm
CVE-2014-2980
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal base Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request. April 28, 2014, 09:04 am
CVE-2014-2978
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical directfb The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. June 11, 2014, 09:06 am
CVE-2014-2977
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical directfb Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. June 11, 2014, 09:06 am
CVE-2014-2907
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. April 24, 2014, 05:04 am
CVE-2014-2894
7.2 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious qemu Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption. April 23, 2014, 10:04 am
CVE-2014-2891
5.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium strongswan strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. May 7, 2014, 05:05 am
CVE-2014-2889
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump. April 26, 2014, 19:04 pm
CVE-2014-2856
4.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal cups Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. April 18, 2014, 09:04 am
CVE-2014-2855
7.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious rsync The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file. April 23, 2014, 10:04 am
CVE-2014-2851
6.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter. April 14, 2014, 18:04 pm
CVE-2014-2830
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical cifs-utils Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors. March 31, 2015, 09:03 am
CVE-2014-2739
4.6 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect pointer dereference and system crash) via crafted network traffic. April 14, 2014, 18:04 pm
CVE-2014-2734
5.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal ruby ** DISPUTED ** The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations. NOTE: this issue has been disputed by the Ruby OpenSSL team and third parties, who state that the original demonstration PoC contains errors and redundant or unnecessarily-complex code that does not appear to be related to a demonstration of the issue. As of 20140502, CVE is not aware of any public comment by the original researcher. April 24, 2014, 18:04 pm
CVE-2014-2706
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. April 14, 2014, 18:04 pm
CVE-2014-2678
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. April 1, 2014, 01:04 am
CVE-2014-2673
4.7 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service (Program Check and system crash) via certain instructions that are executed with the processor in the Transactional state. April 1, 2014, 01:04 am
CVE-2014-2672
7.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions. April 1, 2014, 01:04 am
CVE-2014-2669
6.5 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact via vectors related to the (1) hstore_recv, (2) hstore_from_arrays, and (3) hstore_from_array functions in contrib/hstore/hstore_io.c; and the (4) hstoreArrayToPairs function in contrib/hstore/hstore_op.c, which triggers a buffer overflow. NOTE: this issue was SPLIT from CVE-2014-0064 because it has a different set of affected versions. March 31, 2014, 09:03 am
CVE-2014-2667
3.3 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low python Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value. November 15, 2014, 19:11 pm
CVE-2014-2653
5.8 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssh The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. March 27, 2014, 05:03 am
CVE-2014-2648
10.0 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical kernel Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. October 9, 2014, 20:10 pm
CVE-2014-2608
2.1 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors. December 10, 2014, 15:12 pm
CVE-2014-2568
2.9 MV Product/Version
affected:
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced. March 24, 2014, 11:03 am
CVE-2014-2532
5.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
openssh sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. March 18, 2014, 00:03 am
CVE-2014-2525
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium libyaml Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file. March 28, 2014, 10:03 am
CVE-2014-2524
3.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low readline The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file. August 20, 2014, 09:08 am
CVE-2014-2523
10.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function. March 24, 2014, 11:03 am
CVE-2014-2497
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium php The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. March 21, 2014, 09:03 am
CVE-2014-2494
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC. July 17, 2014, 00:07 am
CVE-2014-2484
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS. July 17, 2014, 00:07 am
CVE-2014-2451
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges. April 15, 2014, 21:04 pm
CVE-2014-2450
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. April 15, 2014, 21:04 pm
CVE-2014-2444
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to InnoDB. April 15, 2014, 21:04 pm
CVE-2014-2442
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM. April 15, 2014, 21:04 pm
CVE-2014-2440
5.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. April 15, 2014, 21:04 pm
CVE-2014-2438
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. April 15, 2014, 21:04 pm
CVE-2014-2436
6.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. April 15, 2014, 21:04 pm
CVE-2014-2435
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. April 15, 2014, 21:04 pm
CVE-2014-2434
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML. April 15, 2014, 21:04 pm
CVE-2014-2432
2.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. April 15, 2014, 21:04 pm
CVE-2014-2431
2.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. April 15, 2014, 21:04 pm
CVE-2014-2430
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. April 15, 2014, 21:04 pm
CVE-2014-2419
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. April 15, 2014, 21:04 pm
CVE-2014-2405
10.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical openjdk Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. May 13, 2014, 19:05 pm
CVE-2014-2338
6.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium strongswan IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. April 16, 2014, 13:04 pm
CVE-2014-2324
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal lighttpd Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. March 14, 2014, 10:03 am
CVE-2014-2323
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious lighttpd SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. March 14, 2014, 10:03 am
CVE-2014-2310
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal net-snmp The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151. April 17, 2014, 09:04 am
CVE-2014-2309
6.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets. March 11, 2014, 08:03 am
CVE-2014-2299
9.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical wireshark Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. March 11, 2014, 08:03 am
CVE-2014-2285
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal net-snmp The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. April 27, 2014, 17:04 pm
CVE-2014-2284
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal net-snmp The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors. March 24, 2014, 11:03 am
CVE-2014-2283
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet. March 11, 2014, 08:03 am
CVE-2014-2282
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet. March 11, 2014, 08:03 am
CVE-2014-2281
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal wireshark The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. March 11, 2014, 08:03 am
CVE-2014-2270
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. March 14, 2014, 10:03 am
CVE-2014-2241
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal freetype The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file. March 18, 2014, 12:03 pm
CVE-2014-2240
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High freetype Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file. March 12, 2014, 09:03 am
CVE-2014-2039
4.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction. February 28, 2014, 00:02 am
CVE-2014-2038
3.7 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file. February 28, 2014, 00:02 am
CVE-2014-2020
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226. February 18, 2014, 05:02 am
CVE-2014-1959
5.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging an X.509 V1 certificate from a trusted CA to issue new certificates. March 6, 2014, 18:03 pm
CVE-2014-1949
7.2 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious gtk+ GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button. January 16, 2015, 10:01 am
CVE-2014-1912
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High python Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. February 28, 2014, 18:02 pm
CVE-2014-1879
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low phpmyadmin Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action. February 20, 2014, 09:02 am
CVE-2014-1876
4.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal openjdk The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log. February 10, 2014, 17:02 pm
CVE-2014-1874
4.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. February 28, 2014, 00:02 am
CVE-2014-1739
1.7 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. June 23, 2014, 06:06 am
CVE-2014-1738
4.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. May 11, 2014, 16:05 pm
CVE-2014-1737
7.2 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. May 11, 2014, 16:05 pm
CVE-2014-1692
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High openssh The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition. January 29, 2014, 10:01 am
CVE-2014-1690
2.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature. February 28, 2014, 00:02 am
CVE-2014-1568
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High chrome Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. September 25, 2014, 12:09 pm
CVE-2014-1545
10.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High nspr Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. June 11, 2014, 05:06 am
CVE-2014-1544
10.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High firefox Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain. July 23, 2014, 06:07 am
CVE-2014-1491
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium firefox Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value. February 5, 2014, 23:02 pm
CVE-2014-1490
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium firefox Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket. February 5, 2014, 23:02 pm
CVE-2014-1447
3.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low libvirt Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. January 24, 2014, 12:01 pm
CVE-2014-1446
1.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. January 18, 2014, 16:01 pm
CVE-2014-1445
2.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call. January 18, 2014, 16:01 pm
CVE-2014-1444
1.7 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. January 18, 2014, 16:01 pm
CVE-2014-1438
4.7 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. January 18, 2014, 16:01 pm
CVE-2014-1402
4.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal jinja2 The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. May 19, 2014, 09:05 am
CVE-2014-1270
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal webkit WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. February 26, 2014, 19:02 pm
CVE-2014-1269
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal webkit WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. February 26, 2014, 19:02 pm
CVE-2014-1268
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal webkit WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. February 26, 2014, 19:02 pm
CVE-2014-0591
2.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low bind The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature. January 13, 2014, 22:01 pm
CVE-2014-0490
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious apt The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package. November 3, 2014, 16:11 pm
CVE-2014-0489
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious apt APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package. November 3, 2014, 16:11 pm
CVE-2014-0488
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal apt APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data. November 3, 2014, 16:11 pm
CVE-2014-0487
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious apt APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors. November 3, 2014, 16:11 pm
CVE-2014-0478
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium apt APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature. June 17, 2014, 09:06 am
CVE-2014-0475
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium glibc Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable. July 29, 2014, 09:07 am
CVE-2014-0471
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal dpkg Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting." April 30, 2014, 09:04 am
CVE-2014-0462
10.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Critical openjdk Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. May 13, 2014, 19:05 pm
CVE-2014-0437
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. January 15, 2014, 10:01 am
CVE-2014-0433
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling. January 15, 2014, 10:01 am
CVE-2014-0431
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5881. January 15, 2014, 10:01 am
CVE-2014-0430
2.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. January 15, 2014, 10:01 am
CVE-2014-0427
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS. January 15, 2014, 10:01 am
CVE-2014-0420
2.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. January 15, 2014, 10:01 am
CVE-2014-0412
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. January 15, 2014, 10:01 am
CVE-2014-0402
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. January 15, 2014, 10:01 am
CVE-2014-0401
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. January 15, 2014, 10:01 am
CVE-2014-0393
3.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. January 15, 2014, 10:01 am
CVE-2014-0386
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. January 15, 2014, 10:01 am
CVE-2014-0384
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. April 15, 2014, 19:04 pm
CVE-2014-0333
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libpng The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero. February 27, 2014, 14:02 pm
CVE-2014-0249
3.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low sssd The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors. June 11, 2014, 09:06 am
CVE-2014-0244
3.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low samba The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. June 23, 2014, 09:06 am
CVE-2014-0239
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium samba The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103. May 27, 2014, 23:05 pm
CVE-2014-0238
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long. May 31, 2014, 23:05 pm
CVE-2014-0237
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal php The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls. May 31, 2014, 23:05 pm
CVE-2014-0236
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c. May 16, 2016, 05:05 am
CVE-2014-0224
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. June 5, 2014, 16:06 pm
CVE-2014-0223
4.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium qemu Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. November 4, 2014, 15:11 pm
CVE-2014-0222
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High qemu Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. November 4, 2014, 15:11 pm
CVE-2014-0221
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. June 5, 2014, 16:06 pm
CVE-2014-0211
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High libxfont Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. May 15, 2014, 09:05 am
CVE-2014-0210
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High libxfont Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function. May 15, 2014, 09:05 am
CVE-2014-0209
4.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium libxfont Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata. May 15, 2014, 09:05 am
CVE-2014-0207
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium file The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file. July 9, 2014, 06:07 am
CVE-2014-0206
2.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value. June 25, 2014, 06:06 am
CVE-2014-0205
6.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal kernel The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count. September 28, 2014, 14:09 pm
CVE-2014-0203
4.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call. June 23, 2014, 06:06 am
CVE-2014-0198
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. May 6, 2014, 05:05 am
CVE-2014-0196
6.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. May 7, 2014, 05:05 am
CVE-2014-0195
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. June 5, 2014, 16:06 pm
CVE-2014-0191
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium fusion_middleware The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document. January 21, 2015, 08:01 am
CVE-2014-0190
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium qt The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image. May 8, 2014, 09:05 am
CVE-2014-0185
7.2 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious php sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client. May 6, 2014, 05:05 am
CVE-2014-0182
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High qemu Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image. November 4, 2014, 15:11 pm
CVE-2014-0181
2.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program. April 26, 2014, 19:04 pm
CVE-2014-0179
1.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low enterprise_virtualization libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods. August 3, 2014, 13:08 pm
CVE-2014-0178
3.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low samba Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request. May 27, 2014, 23:05 pm
CVE-2014-0172
6.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal elfutils Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow. April 11, 2014, 10:04 am
CVE-2014-0160
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium openssl The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. April 7, 2014, 17:04 pm
CVE-2014-0155
5.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced. April 14, 2014, 18:04 pm
CVE-2014-0150
4.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium qemu Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. April 18, 2014, 09:04 am
CVE-2014-0146
5.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu The qcow2_open function in block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields. August 10, 2017, 10:08 am
CVE-2014-0145
7.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious qemu Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp function in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c). August 10, 2017, 10:08 am
CVE-2014-0143
7.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious qemu Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds reads and writes. August 10, 2017, 10:08 am
CVE-2014-0142
5.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal qemu QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c. August 10, 2017, 10:08 am
CVE-2014-0138
6.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium curl The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015. April 15, 2014, 09:04 am
CVE-2014-0133
5.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal nginx Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request. March 28, 2014, 10:03 am
CVE-2014-0131
2.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low kernel Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. March 24, 2014, 11:03 am
CVE-2014-0128
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium squid Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. April 14, 2014, 10:04 am
CVE-2014-0118
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal apache2 The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. July 20, 2014, 06:07 am
CVE-2014-0117
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium apache The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. July 20, 2014, 06:07 am
CVE-2014-0106
6.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal sudo Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. March 11, 2014, 14:03 pm
CVE-2014-0102
5.2 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands. March 11, 2014, 08:03 am
CVE-2014-0101
7.1 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. March 11, 2014, 08:03 am
CVE-2014-0100
9.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Race condition in the inet_frag_intern function in net/ipv4/inet_fragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service (use-after-free error) or possibly have unspecified other impact via a large series of fragmented ICMP Echo Request packets to a system with a heavy CPU load. March 11, 2014, 08:03 am
CVE-2014-0098
5.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal apache2 The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation. March 18, 2014, 00:03 am
CVE-2014-0092
5.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium gnutls lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. March 6, 2014, 18:03 pm
CVE-2014-0088
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious nginx The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request. April 29, 2014, 09:04 am
CVE-2014-0077
5.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions. April 14, 2014, 18:04 pm
CVE-2014-0076
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
openssl The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. March 25, 2014, 08:03 am
CVE-2014-0069
6.2 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. February 28, 2014, 00:02 am
CVE-2014-0067
4.6 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. March 31, 2014, 09:03 am
CVE-2014-0066
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors. March 31, 2014, 09:03 am
CVE-2014-0065
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063. March 31, 2014, 09:03 am
CVE-2014-0064
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector. March 31, 2014, 09:03 am
CVE-2014-0063
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065. March 31, 2014, 09:03 am
CVE-2014-0062
4.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. March 31, 2014, 09:03 am
CVE-2014-0061
6.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions. March 31, 2014, 09:03 am
CVE-2014-0060
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium postgresql PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command. March 31, 2014, 09:03 am
CVE-2014-0049
7.4 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
High kernel Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data. March 11, 2014, 08:03 am
CVE-2014-0047
7.8 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious docker Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. October 6, 2017, 10:10 am
CVE-2014-0038
6.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium kernel The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter. February 6, 2014, 16:02 pm
CVE-2014-0032
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal subversion The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command. February 14, 2014, 09:02 am
CVE-2014-0028
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal libvirt libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API. January 24, 2014, 12:01 pm
CVE-2014-0019
1.9 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Low socat Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line. February 4, 2014, 15:02 pm
CVE-2014-0016
4.3 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Normal stunnel stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates. March 24, 2014, 11:03 am
CVE-2014-0015
4.0 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Medium curl cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request. February 1, 2014, 18:02 pm
CVE-2014-0001
7.5 MV Product/Version
affected:
CGE 5.1
CGE 6.0
CGE 7.0
CGX 1.8
CGX 2.0
CGX 2.2
Serious mysql mariadb Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. January 31, 2014, 17:01 pm