Latest CVE Feed

CVE-2014-9661 (7.5 HIGH)
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted T...
- Affected Products: ubuntu_linux, fedora, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, enterprise_linux_server_eus, opensuse, enterprise_linux_hpc_node, freetype, +1 more products
- EPSS Score: 4.86%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2014-9660 (7.5 HIGH)
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via ...
- Affected Products: ubuntu_linux, fedora, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, enterprise_linux_server_eus, opensuse, solaris, enterprise_linux_hpc_node, +2 more products
- EPSS Score: 3.56%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2014-9659 (7.5 HIGH)
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overfl...
- EPSS Score: 2.85%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2014-9658 (7.5 HIGH)
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Tr...
- Affected Products: ubuntu_linux, fedora, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, enterprise_linux_server_eus, opensuse, solaris, enterprise_linux_hpc_node, +2 more products
- EPSS Score: 1.28%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2014-9657 (7.5 HIGH)
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted...
- Affected Products: ubuntu_linux, fedora, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, enterprise_linux_server_eus, opensuse, solaris, enterprise_linux_hpc_node, +2 more products
- EPSS Score: 1.28%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2014-9656 (7.5 HIGH)
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact vi...
- EPSS Score: 1.79%
- Published: Feb. 08, 2015
- Modified: Apr. 12, 2025

CVE-2015-0072 (4.3 MEDIUM)
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a secon...
- Affected Products: internet_explorer
- EPSS Score: 88.55%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0871 (4.3 MEDIUM)
Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK 1.62 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- Affected Products: guestbook
- EPSS Score: 0.25%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0602 (5.0 MEDIUM)
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117.
- Affected Products: unified_ip_phones_9900_series_firmware, unified_ip_phone_9951, unified_ip_phone_9971
- EPSS Score: 0.35%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0600 (5.0 MEDIUM)
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
- Affected Products: unified_ip_phones_9900_series_firmware, unified_ip_phone_9951, unified_ip_phone_9971
- EPSS Score: 0.93%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0589 (9.0 HIGH)
The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.
- Affected Products: webex_meetings_server
- EPSS Score: 0.74%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2014-9203 (5.0 MEDIUM)
Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 L...
- EPSS Score: 0.76%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0605 (4.3 MEDIUM)
The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.
- EPSS Score: 0.58%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0604 (5.0 MEDIUM)
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
- EPSS Score: 0.18%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0603 (4.6 MEDIUM)
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474.
- Affected Products: unified_ip_phones_9900_series_firmware, unified_ip_phone_9951, unified_ip_phone_9971
- EPSS Score: 0.06%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-0601 (4.6 MEDIUM)
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.
- EPSS Score: 0.26%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2013-5557 (6.3 MEDIUM)
The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP req...
- Affected Products: adaptive_security_appliance_software
- EPSS Score: 0.34%
- Published: Feb. 07, 2015
- Modified: Apr. 12, 2025

CVE-2015-1514 (7.5 HIGH)
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL comman...
- Affected Products: famoc
- EPSS Score: 0.36%
- Published: Feb. 06, 2015
- Modified: Apr. 12, 2025

CVE-2015-1513 (7.5 HIGH)
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.
- Affected Products: siphone_enterprise_pbx
- EPSS Score: 0.31%
- Published: Feb. 06, 2015
- Modified: Apr. 12, 2025

CVE-2015-1512 (4.3 MEDIUM)
Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC before 3.17.4 allow remote attackers to inject arbitrary web script or HTML via the (1) LoginForm[username] to ui/system/login or the (2) order or (3) myorgs to index.php.
- Affected Products: famoc
- EPSS Score: 0.25%
- Published: Feb. 06, 2015
- Modified: Apr. 12, 2025