msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
Max CVSS
6.8
EPSS Score
15.88%
Published
2014-05-20
Updated
2016-09-09
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.
Max CVSS
5.8
EPSS Score
0.17%
Published
2014-05-31
Updated
2018-10-09
Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument.
Max CVSS
7.5
EPSS Score
7.94%
Published
2014-05-20
Updated
2017-07-01
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
Max CVSS
7.5
EPSS Score
2.13%
Published
2014-05-22
Updated
2016-12-22
The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.87%
Published
2014-05-16
Updated
2014-05-19
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
Max CVSS
4.3
EPSS Score
0.10%
Published
2014-05-19
Updated
2014-06-03
Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows local users to read system memory or cause a denial of service (crash) via a crafted kernel, which triggers a buffer overflow.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-19
Updated
2018-10-30
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel.
Max CVSS
1.9
EPSS Score
0.04%
Published
2014-05-19
Updated
2018-10-30
Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-19
Updated
2018-10-30
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.
Max CVSS
3.3
EPSS Score
0.04%
Published
2014-05-19
Updated
2018-10-30
Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .jpg file.
Max CVSS
4.3
EPSS Score
0.20%
Published
2014-05-16
Updated
2021-07-16
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
Max CVSS
9.3
EPSS Score
3.12%
Published
2014-05-20
Updated
2014-05-20
JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
Max CVSS
4.3
EPSS Score
2.49%
Published
2014-05-14
Updated
2014-05-15
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
Max CVSS
4.3
EPSS Score
1.50%
Published
2014-05-23
Updated
2017-08-29
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Max CVSS
4.3
EPSS Score
26.50%
Published
2014-05-14
Updated
2014-05-15
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.
Max CVSS
5.0
EPSS Score
9.08%
Published
2014-05-14
Updated
2017-12-29
NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of service ("remote control" outage) by creating a /tmp/Mosaic.pid file for every possible PID.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-05-08
Updated
2014-05-08
NCSA Mosaic 2.0 and earlier allows local users to cause a denial of service ("remote control" outage) by creating a /tmp/xmosaic.pid file for every possible PID.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-05-08
Updated
2014-05-08
Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674.
Max CVSS
5.0
EPSS Score
0.75%
Published
2014-05-29
Updated
2016-09-07
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
Max CVSS
6.1
EPSS Score
0.61%
Published
2014-05-25
Updated
2021-10-05
Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.
Max CVSS
4.0
EPSS Score
0.21%
Published
2014-05-26
Updated
2016-09-07
The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282.
Max CVSS
6.1
EPSS Score
0.11%
Published
2014-05-20
Updated
2016-09-07
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.
Max CVSS
5.0
EPSS Score
0.13%
Published
2014-05-20
Updated
2016-09-07
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.
Max CVSS
5.0
EPSS Score
0.13%
Published
2014-05-20
Updated
2016-09-07
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
Max CVSS
6.8
EPSS Score
0.11%
Published
2014-05-20
Updated
2014-05-20
142 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!