CVE-2014-1745

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to...

CVE-2014-1745

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to...

CVE-2014-1745

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to...

CVE-2014-1745

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to...

CVE-2014-1745

CVE-2014-1745 is a use-after-free in Blink’s SVG handling (SVGFontFaceElement) that affects Google Chrome prior to 35.0.1916.114. The vulnerability arises when an SVGFontFaceElement is removed, potentially allowing a denial of service and possibly additional unspecified impacts. The core issue is...

Code injection

The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service device reload via a malformed packet, aka Bug ID CSCum96282...

CVE-2014-3273

CVE-2014-3273 affects Cisco IOS LLDP processing. The vulnerability arises from incorrect handling of malformed LLDP packets, enabling an adjacent unauthenticated attacker to cause a device reload. Exploitation details indicate the attack requires LLDP to be enabled and, per Nessus guidance, CIP m...

CVE-2014-3271

Cisco IOS XR DHCPv6 implementation is vulnerable to denial of service via malformed DHCPv6 packets, causing process crash. Affected: Cisco IOS XR devices configured with DHCPv6 server functionality. Root cause: incorrect handling of malformed DHCPv6 packets. Impact: device crash (DoS). Mitigation...

Debian DSA-2932-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. -...

[SECURITY] [DSA 2933-1] qemu-kvm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2933-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2932-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command...

CVE-2014-3262

CVE-2014-3262 affects Cisco IOS 15.3(3)S and earlier and IOS XE. The issue is improper validation of parameters in ITR control messages for Locator/ID Separation Protocol (LISP) processing, allowing a remote, unauthenticated attacker to trigger a denial of service by sending malformed LISP contro...

CVE-2014-1740

Removed by vendor...

Design/Logic Flaw

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

CVE-2014-3214

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...

CVE-2014-3214

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...

SOL15250 - BIND vulnerability CVE-2014-3214

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes. CVE-2014-3214...

Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20140430-tcte)

The version of Cisco TelePresence TC or TE software running on the remote host is affected by one or more of the following issues : - A denial of service vulnerability exists due to a flaw in the SIP implementation, potentially allowing a remote attacker to cause a device reload by sending crafte...

CVE-2014-2166

The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service device reload via crafted SIP packets, aka Bug ID CSCto70562...

Code injection

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service device reload via crafted SIP packets, aka Bug ID CSCud29566...