Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3184 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. | |||||
| CVE-2014-3174 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls. | |||||
| CVE-2014-3173 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc. | |||||
| CVE-2014-3158 | 1 Point-to-point Protocol Project | 1 Point-to-point Protocol | 2023-11-07 | 7.5 HIGH | N/A |
| Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables." | |||||
| CVE-2014-3157 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library. | |||||
| CVE-2014-3156 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc. | |||||
| CVE-2014-2299 | 1 Wireshark | 1 Wireshark | 2023-11-07 | 9.3 HIGH | N/A |
| Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. | |||||
| CVE-2014-2263 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.8 MEDIUM | N/A |
| The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. | |||||
| CVE-2014-2098 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.8 MEDIUM | N/A |
| libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data. | |||||
| CVE-2014-2013 | 1 Artifex | 1 Mupdf | 2023-11-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element. | |||||
| CVE-2014-1746 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer. | |||||
| CVE-2014-1711 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1710 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1452 | 1 Freebsd | 1 Freebsd | 2023-11-07 | 5.8 MEDIUM | N/A |
| Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request. | |||||
| CVE-2014-125025 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125024 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125023 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125022 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125021 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125020 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||