Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2014-7970 5.5 MEDIUM EPSS 0.00

Novell Suse Linux Enterprise Server < 3.17 - Denial of Service

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.

CWE-400 Oct 13, 2014

CVE-2014-4406 6.1 MEDIUM EPSS 0.01

Apple OS X Server <3.2.1 - XSS

Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Sep 19, 2014

CVE-2014-4373 5.5 MEDIUM EPSS 0.00

Apple iOS <8, Apple TV <7 - DoS

The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.

Sep 18, 2014

CVE-2014-4364 5.6 MEDIUM EPSS 0.00

Apple iOS <8 - Auth Bypass

The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.

CWE-310 Sep 18, 2014

CVE-2014-4806 5.5 MEDIUM EPSS 0.00

IBM Security AppScan Enterprise <9.0.0.1 - Info Disclosure

The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file.

CWE-522 Aug 29, 2014

CVE-2014-3480 6.5 MEDIUM EPSS 0.06

File < 5.19 - Improper Input Validation

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

CWE-20 Jul 09, 2014

CVE-2014-3478 6.5 MEDIUM EPSS 0.25

Christos Zoulas File < 5.18 - Memory Corruption

Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.

CWE-119 Jul 09, 2014

CVE-2014-0207 6.5 MEDIUM EPSS 0.07

PHP <5.4.30, <5.5.14 - DoS

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CWE-119 Jul 09, 2014

CVE-2013-3993 6.5 MEDIUM KEV RANSOMWARE EPSS 0.21

IBM Infosphere Biginsights < 2.1.0.3 - Path Traversal

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls.

CWE-22 Jul 07, 2014

CVE-2014-3477 4.0 MEDIUM EPSS 0.00

D-bus - Denial of Service

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.

Jul 01, 2014

CVE-2014-2005 6.8 MEDIUM EPSS 0.00

Sophos Disk Encryption <5.2.2 - Privilege Escalation

Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate attackers to obtain desktop access by leveraging the absence of a login screen.

CWE-287 Jun 25, 2014

CVE-2014-0203 5.5 MEDIUM EPSS 0.00

Linux kernel <2.6.33 - DoS

The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.

CWE-416 Jun 23, 2014

CVE-2014-3146 6.1 MEDIUM 1 PoC Analysis EPSS 0.04

Lxml < 3.3.4 - XSS

Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.

CWE-79 May 14, 2014

CVE-2014-0196 5.5 MEDIUM KEV 4 PoCs Analysis EPSS 0.62

Linux kernel <3.14.3 - DoS

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

CWE-362 May 07, 2014

CVE-2013-7354 6.5 MEDIUM EPSS 0.01

libpng <1.5.14rc03 - DoS

Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

CWE-190 May 06, 2014

CVE-2013-7353 6.5 MEDIUM EPSS 0.00

libpng <1.5.14.08 - DoS

Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

CWE-190 May 06, 2014

CVE-2014-1530 6.1 MEDIUM EPSS 0.01

Mozilla Firefox < 29.0 - XSS

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.

CWE-79 Apr 30, 2014

CVE-2014-1523 6.5 MEDIUM EPSS 0.01

Mozilla Firefox < 29.0 - Out-of-Bounds Write

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.

CWE-787 Apr 30, 2014

CVE-2014-2526 6.1 MEDIUM EPSS 0.01

BarracudaDrive <6.7 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sForumName or (2) sDescription parameter to Forum/manage/ForumManager.lsp; (3) sHint, (4) sWord, or (5) nId parameter to Forum/manage/hangman.lsp; (6) user parameter to rtl/protected/admin/wizard/setuser.lsp; (7) name or (8) email parameter to feedback.lsp; (9) lname or (10) url parameter to private/manage/PageManager.lsp; (11) cmd parameter to fs; (12) newname, (13) description, (14) firstname, (15) lastname, or (16) id parameter to rtl/protected/mail/manage/list.lsp; or (17) PATH_INFO to fs/.

CWE-79 Mar 25, 2014

CVE-2014-1496 5.5 MEDIUM EPSS 0.00

Mozilla Firefox < 28.0 - Improper Privilege Management

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

CWE-269 Mar 19, 2014

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps