Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

5.0

MEDIUM

CVE-2014-8652

Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681....

Affected Products : e3
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-8559

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application....

Affected Products : linux_kernel ubuntu_linux linux opensuse suse_linux_enterprise_server linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server linux_enterprise_workstation_extension linux_enterprise_real_time_extension +1 more products
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
4.9

MEDIUM

CVE-2014-8481

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash)...

Affected Products : linux_kernel
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
4.9

MEDIUM

CVE-2014-8480

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer der...

Affected Products : linux_kernel
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2014-8369

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possib...

Affected Products : linux_kernel debian_linux suse_linux_enterprise_server linux_enterprise_real_time_extension evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2014-7826

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) vi...

Affected Products : linux_kernel suse_linux_enterprise_server evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2014-7825

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR prot...

Affected Products : linux_kernel
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
4.9

MEDIUM

CVE-2014-7207

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system...

Affected Products : linux_kernel
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-3690

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a d...

Affected Products : linux_kernel ubuntu_linux enterprise_linux debian_linux linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server linux_enterprise_workstation_extension linux_enterprise_real_time_extension evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2014-3687

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork withi...

Affected Products : linux_kernel ubuntu_linux debian_linux linux enterprise_mrg suse_linux_enterprise_server linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server linux_enterprise_workstation_extension +2 more products
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2014-3673

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c....

Affected Products : linux_kernel ubuntu_linux enterprise_linux debian_linux linux enterprise_mrg suse_linux_enterprise_server linux_enterprise_software_development_kit linux_enterprise_workstation_extension evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-3647

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application....

Affected Products : linux_kernel ubuntu_linux enterprise_linux debian_linux linux suse_linux_enterprise_server evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-3646

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application....

Affected Products : linux_kernel ubuntu_linux enterprise_linux debian_linux suse_linux_enterprise_server evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
2.1

LOW

CVE-2014-3645

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application....

Affected Products : linux_kernel
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
4.7

MEDIUM

CVE-2014-3611

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation....

Affected Products : linux_kernel ubuntu_linux enterprise_linux debian_linux
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.5

MEDIUM

CVE-2014-3610

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS cras...

Affected Products : linux_kernel ubuntu_linux debian_linux suse_linux_enterprise_server evergreen
Published: Nov. 10, 2014

Modified: Apr. 12, 2025
5.0

MEDIUM

CVE-2014-7819

Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, ...

Affected Products : sprockets
Published: Nov. 08, 2014

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2014-7818

Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is enabled, allows ...

Affected Products : opensuse rails ruby_on_rails actionpack
Published: Nov. 08, 2014

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cr...

Affected Products : phpmyadmin opensuse
Published: Nov. 08, 2014

Modified: Apr. 12, 2025
3.5

LOW

CVE-2014-6161

Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL....

Affected Products : tivoli_netcool\/impact
Published: Nov. 08, 2014

Modified: Apr. 12, 2025

Showing 20 of 293704 Results

Browse by Apps

Latest CVE Feed

5.0

5.5

4.9

4.9

7.8

7.8

7.8

4.9

5.5

7.8

7.8

5.5

5.5

2.1

4.7

5.5

5.0

4.3

4.3

3.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable