Canonical » Ubuntu Linux : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service)
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
Max CVSS
5.0
EPSS Score
2.22%
Published
2014-12-16
Updated
2021-03-05
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
Max CVSS
7.5
EPSS Score
6.25%
Published
2014-11-26
Updated
2016-12-03
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
Max CVSS
7.5
EPSS Score
1.66%
Published
2014-12-01
Updated
2023-05-18
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
Max CVSS
5.0
EPSS Score
7.30%
Published
2014-11-20
Updated
2018-10-30
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
Max CVSS
4.3
EPSS Score
65.15%
Published
2014-12-11
Updated
2016-11-28
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
Max CVSS
5.0
EPSS Score
1.11%
Published
2014-11-13
Updated
2018-10-30
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
Max CVSS
5.5
EPSS Score
0.06%
Published
2014-11-10
Updated
2020-08-13
Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.
Max CVSS
7.5
EPSS Score
0.65%
Published
2014-11-05
Updated
2016-12-03
libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.
Max CVSS
7.5
EPSS Score
0.65%
Published
2014-11-05
Updated
2016-12-03
libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.
Max CVSS
7.5
EPSS Score
0.44%
Published
2014-11-05
Updated
2016-12-03
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data.
Max CVSS
7.5
EPSS Score
0.41%
Published
2014-11-05
Updated
2016-12-03
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.
Max CVSS
7.5
EPSS Score
0.95%
Published
2014-11-05
Updated
2019-03-05
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data.
Max CVSS
7.5
EPSS Score
0.65%
Published
2014-11-05
Updated
2016-12-03
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
Max CVSS
7.5
EPSS Score
0.92%
Published
2014-12-09
Updated
2017-07-01
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
Max CVSS
7.5
EPSS Score
0.67%
Published
2014-12-09
Updated
2017-07-01
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.
Max CVSS
7.5
EPSS Score
0.67%
Published
2014-12-09
Updated
2017-07-01
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable.
Max CVSS
7.5
EPSS Score
1.07%
Published
2014-12-09
Updated
2017-07-01
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
Max CVSS
7.5
EPSS Score
5.10%
Published
2014-12-09
Updated
2017-07-01
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
Max CVSS
5.0
EPSS Score
4.08%
Published
2014-12-09
Updated
2017-07-01
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
Max CVSS
5.0
EPSS Score
3.31%
Published
2014-11-06
Updated
2018-10-30
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-12-19
Updated
2023-02-13
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.
Max CVSS
5.0
EPSS Score
16.95%
Published
2014-12-29
Updated
2018-10-30
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
Max CVSS
5.0
EPSS Score
3.20%
Published
2014-12-17
Updated
2018-01-05
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
Max CVSS
5.0
EPSS Score
3.20%
Published
2014-12-17
Updated
2018-01-05
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Max CVSS
6.8
EPSS Score
0.59%
Published
2014-12-03
Updated
2020-05-12