Total
13178 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3694 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | 6.8 MEDIUM | N/A |
| FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719. | |||||
| CVE-2014-8514 | 1 Schneider Electric | 1 Proclima | 2025-04-12 | 7.5 HIGH | N/A |
| Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. | |||||
| CVE-2015-7048 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | |||||
| CVE-2016-2851 | 3 Cypherpunks, Debian, Opensuse | 4 Libotr, Debian Linux, Leap and 1 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-9150 | 1 Paloaltonetworks | 1 Pan-os | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-7201 | 3 Fedoraproject, Mozilla, Opensuse | 4 Fedora, Firefox, Leap and 1 more | 2025-04-12 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2014-4485 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | 7.5 HIGH | N/A |
| Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | |||||
| CVE-2015-1495 | 1 Motorola | 1 Motorola Scanner Sdk | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx. | |||||
| CVE-2014-8145 | 3 Debian, Oracle, Sound Exchange Project | 3 Debian Linux, Solaris, Sound Exchange | 2025-04-12 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function. | |||||
| CVE-2014-8369 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Evergreen and 2 more | 2025-04-12 | 4.6 MEDIUM | 7.8 HIGH |
| The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601. | |||||
| CVE-2016-0213 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0216. | |||||
| CVE-2015-6166 | 1 Microsoft | 1 Silverlight | 2025-04-12 | 9.3 HIGH | N/A |
| Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read or write access) via unspecified open and close requests, aka "Microsoft Silverlight RCE Vulnerability." | |||||
| CVE-2016-7870 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2015-3869 | 1 Google | 1 Android | 2025-04-12 | 10.0 HIGH | N/A |
| libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083. | |||||
| CVE-2016-3861 | 1 Google | 1 Android | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543. | |||||
| CVE-2014-0311 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305. | |||||
| CVE-2016-3358 | 1 Microsoft | 6 Excel, Excel For Mac, Excel Viewer and 3 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2016-0084 | 1 Microsoft | 1 Edge | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | |||||
| CVE-2015-8384 | 1 Pcre | 1 Perl Compatible Regular Expression Library | 2025-04-12 | 7.5 HIGH | N/A |
| PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395. | |||||
| CVE-2014-3243 | 1 Makina-corpus | 1 Soappy | 2025-04-12 | 5.0 MEDIUM | N/A |
| SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing a large number of nested entity references. | |||||