CVE-2014-9328 (clamav, fedora)

National Cyber Awareness System Vulnerability Summary for CVE-2014-9328 Original release date: 02/03/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a “heap out of bounds condition.” Impact CVSS Severity (version 2.0): Impact Subscore: 6.4 […]

CVE-2015-0313 (flash_player)

National Cyber Awareness System Vulnerability Summary for CVE-2015-0313 Original release date: 02/02/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview Unspecified vulnerability in Adobe Flash Player through 13.0.0.264 and 14.x, 15.x, and 16.x through 16.0.0.296 on Windows and OS X and through 11.2.202.440 on Linux allows remote attackers to execute arbitrary code […]

CVE-2015-0223 (qpid)

National Cyber Awareness System Vulnerability Summary for CVE-2015-0223 Original release date: 02/02/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling. Impact CVSS Severity (version 2.0): Impact Subscore: […]

CVE-2014-8613 (freebsd)

National Cyber Awareness System Vulnerability Summary for CVE-2014-8613 Original release date: 02/02/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel […]

CVE-2014-8612 (freebsd)

National Cyber Awareness System Vulnerability Summary for CVE-2014-8612 Original release date: 02/02/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) […]

CVE-2014-0998 (freebsd)

National Cyber Awareness System Vulnerability Summary for CVE-2014-0998 Original release date: 02/02/2015 Last revised: 02/04/2015 Source: US-CERT/NIST Overview Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 10.1 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in […]

CVE-2014-4632 (vsphere_data_protection)

NVD – Detail Mission and Overview NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA). Resource Status NVD contains: Last updated: 2/3/2015 2:35:22 PM CVE Publication rate: 24.43 Email List NVD provides four mailing […]

CVE-2014-8370 (esxi, fusion, player, workstation)

National Cyber Awareness System Vulnerability Summary for CVE-2014-8370 Original release date: 01/29/2015 Last revised: 02/02/2015 Source: US-CERT/NIST Overview VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause […]