Search Results (2707 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7250 4 Bsd, Freebsd, Netbsd and 1 more 4 Bsd, Freebsd, Netbsd and 1 more 2025-04-12 N/A
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CVE-2014-7256 1 Iij 12 Seil B1, Seil B1 Firmware, Seil Plus and 9 more 2025-04-12 N/A
The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Internet Initiative Japan Inc. SEIL series routers SEIL/x86 Fuji 1.00 through 3.22; SEIL/X1, SEIL/X2, and SEIL/B1 1.00 through 4.62; SEIL/Turbo 1.82 through 2.18; and SEIL/neu 2FE Plus 1.82 through 2.18 allow remote attackers to cause a denial of service (restart) via crafted (a) GRE or (b) MPPE packets.
CVE-2014-7266 1 Cybozu 1 Remote Service Manager 2025-04-12 N/A
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1983.
CVE-2014-7283 2 Linux, Redhat 3 Linux Kernel, Enterprise Mrg, Mrg Realtime 2025-04-12 N/A
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.
CVE-2014-7300 2 Gnome, Redhat 6 Gnome-shell, Enterprise Linux, Enterprise Linux Desktop and 3 more 2025-04-12 N/A
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
CVE-2014-9402 4 Canonical, Gnu, Opensuse and 1 more 4 Ubuntu Linux, Glibc, Opensuse and 1 more 2025-04-12 N/A
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
CVE-2014-9420 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-12 N/A
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.
CVE-2014-9428 1 Linux 1 Linux Kernel 2025-04-12 N/A
The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets.
CVE-2014-9465 2 Fedoraproject, Zarafa 3 Fedora, Webapp, Zarafa Collaboration Platform 2025-04-12 N/A
senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files.
CVE-2014-9472 3 Bestpractical, Debian, Fedoraproject 3 Request Tracker, Debian Linux, Fedora 2025-04-12 N/A
The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.
CVE-2014-9490 1 Getsentry 1 Raven-ruby 2025-04-12 N/A
The numtok function in lib/raven/okjson.rb in the raven-ruby gem before 0.12.2 for Ruby allows remote attackers to cause a denial of service via a large exponent value in a scientific number.
CVE-2014-9527 3 Apache, Fedoraproject, Redhat 3 Poi, Fedora, Jboss Data Virtualization 2025-04-12 N/A
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
CVE-2014-9621 1 File Project 1 File 2025-04-12 N/A
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.
CVE-2014-9620 2 File Project, Redhat 2 File, Enterprise Linux 2025-04-12 N/A
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.
CVE-2014-9623 2 Openstack, Redhat 2 Image Registry And Delivery Service \(glance\), Openstack 2025-04-12 N/A
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.
CVE-2014-9684 2 Openstack, Redhat 2 Image Registry And Delivery Service \(glance\), Openstack 2025-04-12 N/A
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the uploads finish, a different vulnerability than CVE-2015-1881.
CVE-2014-9718 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-12 N/A
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.
CVE-2014-9744 2 Opensuse, Polarssl 2 Opensuse, Polarssl 2025-04-12 N/A
Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of ClientHello messages. NOTE: this identifier was SPLIT from CVE-2014-8628 per ADT3 due to different affected versions.
CVE-2014-9745 4 Canonical, Debian, Freetype and 1 more 4 Ubuntu Linux, Debian Linux, Freetype and 1 more 2025-04-12 N/A
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
CVE-2014-9747 2 Debian, Freetype 2 Debian Linux, Freetype 2025-04-12 N/A
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.