CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2014-3640 – qemu: slirp: NULL pointer deref in sosendto()
https://notcve.org/view.php?id=CVE-2014-3640
06 Oct 2014 — The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. La función sosendto en slirp/udp.c en QEMU anterior a 2.1.2 permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo) mediante el envió de un paquete udp con un valor de 0 en el pueto y dirección de la fuente, lo que provoca... • http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 0CVE-2014-3633 – libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
https://notcve.org/view.php?id=CVE-2014-3633
30 Sep 2014 — The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. La función qemuDomainGetBlockIoTune en qemu/qemu_driver.c en libvirt anterior a 1.2.9, cuando un disco ha sido conectado en caliente o eliminado de la imagen en vivo, permite a atacantes remotos ca... • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 90%CPEs: 345EXPL: 23CVE-2014-7169 – GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-7169
25 Sep 2014 — GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a ... • https://packetstorm.news/files/id/128650 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-228: Improper Handling of Syntactically Invalid Structure •
CVSS: 10.0EPSS: 94%CPEs: 345EXPL: 138CVE-2014-6271 – GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-6271
24 Sep 2014 — GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." N... • https://packetstorm.news/files/id/181111 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-4532 – Ubuntu Security Notice USN-2342-1
https://notcve.org/view.php?id=CVE-2013-4532
08 Sep 2014 — Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. Qemu versión 1.1.2+dfsg hasta 2.1+dfsg sufre un desbordamiento de búfer que podría resultar en una ejecución de código arbitrario en el host con los privilegios del proceso QEMU. Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data... • http://www.ubuntu.com/usn/USN-2342-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1CVE-2012-6656 – Mandriva Linux Security Advisory 2014-175
https://notcve.org/view.php?id=CVE-2012-6656
08 Sep 2014 — iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8. iconvdata/ibm930.c en GNU C Library (también conocido como glibc) anterior a 2.16 permite a atacantes dependientes de contexto causar una denegación de servicio (lectura fuera de rango) a través de un valor de caracteres de multibytes de '0xffff' en la fu... • http://www.debian.org/security/2015/dsa-3142 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 9%CPEs: 4EXPL: 1CVE-2014-3618 – procmail: Heap-overflow in procmail's formail utility when processing specially-crafted email headers
https://notcve.org/view.php?id=CVE-2014-3618
04 Sep 2014 — Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes." Desbordamiento de buffer basado en memoria dinámica en formisc.c en formail en procmail 3.22 permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una cabecera de email manipulada, relacionado con 'comillas inestables... • http://linux.oracle.com/errata/ELSA-2014-1172.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2014-3564 – Mandriva Linux Security Advisory 2014-160
https://notcve.org/view.php?id=CVE-2014-3564
07 Aug 2014 — Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order." Múltiples desbordamientos de buffer basado en memoria dinámica en la función status_handler en (1) engine-gpgsm.c y (2) engine-uiserver.c en GPGME anterior a 1.5.1 permiten a atacantes remotos causar una deneg... • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git%3Ba=commit%3Bh=2cbd76f7911fc215845e89b50d6af5ff4a83dd77 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 3CVE-2013-4357 – Ubuntu Security Notice USN-2306-1
https://notcve.org/view.php?id=CVE-2013-4357
04 Aug 2014 — The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. El paquete eglibc versiones anteriores a la versión 2.14, manejó incorrectamente la función getaddrinfo(). Un atacante podría usar este problema para causar una denegación de servicio. USN-2306-1 fixed vulnerabilities in the GNU C Library. • http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2014-5029 – cups: Incomplete fix for CVE-2014-3537
https://notcve.org/view.php?id=CVE-2014-5029
28 Jul 2014 — The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. La interfaz web en CUPS 1.7.4 permite a usuarios locales en el grupo lp leer ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en /var/cache/cups/rss/ y language[0] configurado a nulo. NOTA: esta vulnerabilidad existe debido a ... • http://advisories.mageia.org/MGASA-2014-0313.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •