Total
10068 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5014 | 1 Ibm | 1 Cognos Disclosure Management | 2024-02-04 | 9.3 HIGH | N/A |
| IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation. | |||||
| CVE-2016-1982 | 1 Privoxy | 1 Privoxy | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. | |||||
| CVE-2015-8720 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2015-4992 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-04 | 3.5 LOW | N/A |
| IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2016-2562 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 5.8 MEDIUM | 6.8 MEDIUM |
| The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1942 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2024-02-04 | 9.3 HIGH | N/A |
| The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to write to arbitrary files, and subsequently execute these files, via a crafted TCP packet to an unspecified port. | |||||
| CVE-2015-4638 | 1 F5 | 10 Big-ip Advanced Firewall Manager, Big-ip Analytics, Big-ip Application Security Manager and 7 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet. | |||||
| CVE-2015-5780 | 1 Apple | 1 Safari | 2024-02-04 | 10.0 HIGH | N/A |
| The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors. | |||||
| CVE-2015-8747 | 1 Radicale | 1 Radicale | 2024-02-04 | 7.5 HIGH | 10.0 CRITICAL |
| The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. | |||||
| CVE-2015-8740 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | 5.3 MEDIUM |
| The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | |||||
| CVE-2016-1382 | 1 Cisco | 2 Web Security Appliance, Web Security Appliance \(wsa\) | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529. | |||||
| CVE-2016-2850 | 2 Botan Project, Fedoraproject | 2 Botan, Fedora | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | |||||
| CVE-2015-0751 | 1 Cisco | 2 Ip Phone 7861, Unified Communications Manager | 2024-02-04 | 7.8 HIGH | N/A |
| Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800. | |||||
| CVE-2016-1271 | 1 Juniper | 1 Junos | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615. | |||||
| CVE-2016-1288 | 1 Cisco | 1 Web Security Appliance | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840. | |||||
| CVE-2015-8734 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2015-3758 | 1 Apple | 1 Iphone Os | 2024-02-04 | 4.3 MEDIUM | N/A |
| UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL. | |||||
| CVE-2015-5311 | 1 Powerdns | 1 Authoritative | 2024-02-04 | 5.0 MEDIUM | N/A |
| PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets. | |||||
| CVE-2016-4545 | 1 F5 | 9 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 6 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake. | |||||
| CVE-2015-6987 | 1 Apple | 1 Mac Os X | 2024-02-04 | 2.1 LOW | N/A |
| The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder. | |||||