Search Results (2919 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0079 1 Microsoft 4 Windows 7, Windows 8, Windows 8.1 and 1 more 2025-04-12 N/A
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory consumption and RDP outage) by establishing many RDP sessions that do not properly free allocated memory, aka "Remote Desktop Protocol (RDP) Denial of Service Vulnerability."
CVE-2013-2564 1 Mambo-foundation 1 Mambo Cms 2025-04-12 N/A
Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
CVE-2014-0528 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2025-04-12 N/A
Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-1700 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure.
CVE-2014-1720 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes.
CVE-2014-1722 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node.
CVE-2014-1724 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request.
CVE-2014-1740 1 Google 1 Chrome 2025-04-12 N/A
Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
CVE-2014-1742 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling.
CVE-2014-1763 1 Microsoft 1 Internet Explorer 2025-04-12 N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
CVE-2014-1765 1 Microsoft 1 Internet Explorer 2025-04-12 N/A
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.
CVE-2014-2537 1 Sophos 2 Unified Threat Management, Unified Threat Management Software 2025-04-12 N/A
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2014-3397 1 Cisco 1 Telepresence Mcu Software 2025-04-12 N/A
The network stack in Cisco TelePresence MCU Software before 4.3(2.30) allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets, aka Bug ID CSCtz35468.
CVE-2014-3493 2 Redhat, Samba 2 Enterprise Linux, Samba 2025-04-12 N/A
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
CVE-2014-3506 2 Openssl, Redhat 5 Openssl, Enterprise Linux, Jboss Enterprise Application Platform and 2 more 2025-04-12 N/A
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
CVE-2014-3511 2 Openssl, Redhat 4 Openssl, Enterprise Linux, Rhev Manager and 1 more 2025-04-12 N/A
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.
CVE-2014-3523 3 Apache, Microsoft, Redhat 3 Http Server, Windows, Jboss Core Services 2025-04-12 N/A
Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
CVE-2014-5327 1 Huawei 2 E5332, E5332 Firmware 2025-04-12 N/A
Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI.
CVE-2014-8004 1 Cisco 1 Ios Xr 2025-04-12 N/A
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
CVE-2014-6603 1 Openinfosecfoundation 1 Suricata 2025-04-12 N/A
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.