CVE-2014-1894

Technical details for CVE-2014-1894 are not publicly available in the provided documents. Monitor for updates.

wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)

REJECTED CVE A denial of service flaw was found in the way WTP dissector of Wireshark, a network traffic analyzer, performed dissection of certain WTP packet capture files. A remote attacker could provide a specially-crafted WTP packet / packet capture that, once processed, would lead to excessiv...

Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service (cisco-sa-20140326-RSP72010GE)

A vulnerability exists in Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks that could allow a remote, unauthenticated attacker to cause the route processor to reboot or stop forwarding traffic, resulting in a denial of service condition. This vulnerability affects...

Ruby on Rails JSON Processor YAML Deserialization Code Execution - Ver2 (CVE-2013-0333)

A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...

CVE-2014-2107

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service route switch processor outage via crafted IP packets, aka Bug ID CSCug84789...

Code injection

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service route switch processor outage via crafted IP packets, aka Bug ID CSCug84789...

CVE-2014-2107

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service route switch processor outage via crafted IP packets, aka Bug ID CSCug84789...

[oCERT-2014-002] Xalan-Java insufficient secure processing

2014-002 Xalan-Java insufficient secure processing Description: The Xalan-Java library is a popular XSLT processor from the Apache Software Foundation. The library implements the Java API for XML Processing JAXP which supports a secure processing feature for interpretive and XSLCT processors. The...

Debian Security Advisory DSA 2886-1 (libxalan2-java - security update)

Nicolas Gregoire discovered several vulnerabilities in libxalan2-java, a Java library for XSLT processing. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution. OpenVAS Vulnerability Test $Id...

[ProcessThreadsView] View process threads information

ProcessThreadsView is a small utility that displays extensive information about all threads of the process that you choose. The threads information includes the ThreadID, Context Switches Count, Priority, Created Time, User/Kernel Time, Number of Windows, Window Title, Start Address, and more. Wh...

hw: AMD CPU erratum may cause core hang

The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service system hang via a crafted application, aka the errata 793 issue...

XDA Forum hackers again proof Sony Xperia Z2 UI-bug warning-the black bar safety net

Recently a senior XDA developer Forum member in the online release of more than one Xperia Z2 real machine picture, and shows the phone running Android 4.3 system, using the new UI, the phone use is very unstable, the UI has been crashing. Today, the XDA member latest release of the Xperia Z2...

On the use of Adobe 0day – CVE-2 0 1 4-0 5 0 2 attack behavior analysis-vulnerability warning-the black bar safety net

The other day FireEye released a use AdobeFlash new 0day attack report, and Adobe has been based on vulnerabilities released a security update. According to FireEye report, many sites will redirect visitors to the following contain a Trojan the malicious Server: Peterson Institute for...

DEBIAN-CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...

ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...

ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...

A Problem of CPU Consumption in Host Data Collector bundled with Hitachi Device Manager Software

Overview Host Data Collector bundled with Hitachi Device Manager Software contains a problem of CPU consumption. Impact When Host Data Collector receives a malicious unexpected request, a process of Host Data Collector might consume CPU resources. Solution Please refer to the 'Vendor Information'...

UBUNTU-CVE-2013-5987

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors...

Juniper Networks Junos OS DoS Vulnerability in XNM Command Processor

Denial of Service vulnerability in XNM command processor. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...