Total
5530 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-3145 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-02-04 | 4.9 MEDIUM | N/A |
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. | |||||
CVE-2014-8483 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Opensuse and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. | |||||
CVE-2012-5130 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-04 | 5.0 MEDIUM | N/A |
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-0767 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Firefox Esr and 12 more | 2024-02-04 | 10.0 HIGH | N/A |
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2012-5110 | 1 Google | 1 Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-0778 | 3 Canonical, Mozilla, Opensuse | 7 Ubuntu Linux, Firefox, Firefox Esr and 4 more | 2024-02-04 | 9.3 HIGH | N/A |
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2012-3995 | 4 Canonical, Mozilla, Redhat and 1 more | 13 Ubuntu Linux, Firefox, Firefox Esr and 10 more | 2024-02-04 | 9.3 HIGH | N/A |
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2012-1798 | 4 Debian, Imagemagick, Opensuse and 1 more | 10 Debian Linux, Imagemagick, Opensuse and 7 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. | |||||
CVE-2011-3057 | 1 Google | 1 Chrome | 2024-02-04 | 4.3 MEDIUM | N/A |
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. | |||||
CVE-2011-3059 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-0779 | 3 Canonical, Mozilla, Opensuse | 7 Ubuntu Linux, Firefox, Firefox Esr and 4 more | 2024-02-04 | 9.3 HIGH | N/A |
The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-3060 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-0888 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads." | |||||
CVE-2012-5109 | 1 Google | 1 Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression. | |||||
CVE-2012-0259 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. | |||||
CVE-2011-3066 | 1 Google | 1 Chrome | 2024-02-04 | 6.8 MEDIUM | N/A |
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-1122 | 1 Google | 1 Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. | |||||
CVE-2011-3970 | 3 Google, Suse, Xmlsoft | 5 Chrome, Linux Enterprise Desktop, Linux Enterprise Server and 2 more | 2024-02-04 | 4.3 MEDIUM | N/A |
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-1192 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-3910 | 1 Google | 1 Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |