VulnerableCode Vulnerability Details - VCID-hghm-mfvp-1ufk

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-hghm-mfvp-1ufk

Essentials
Severities (9)
References (11)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-hghm-mfvp-1ufk
Aliases	CVE-2014-8146
Summary	Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition.
Status	Published
Exploitability	2.0
Weighted Severity	0.2
Risk	0.4
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-122	Heap-based Buffer Overflow
CWE-787	Out-of-bounds Write

System	Score	Found at
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146
epss	0.25808	https://api.first.org/data/v1/epss?cve=CVE-2014-8146

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-8146
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
1176197		https://bugzilla.redhat.com/show_bug.cgi?id=1176197
784773		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773
CVE-2014-8147;CVE-2014-8146	Exploit	https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt
CVE-2014-8147;CVE-2014-8146	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt
GLSA-201507-04		https://security.gentoo.org/glsa/201507-04
USN-2605-1		https://usn.ubuntu.com/2605-1/

Data source	Exploit-DB
Date added	Jan. 25, 2018
Description	ICU library 52 < 54 - Multiple Vulnerabilities
Ransomware campaign use	Unknown
Source publication date	June 10, 2015
Exploit type	local
Platform	multiple
Source update date	Jan. 25, 2018
Source URL	https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.9622
EPSS Score	0.25808
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:01:09.342818+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201507-04	38.0.0