Total
8120 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-0408 | 6 Canonical, Debian, Novell and 3 more | 8 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | |||||
CVE-2014-4258 | 6 Debian, Mariadb, Opensuse Project and 3 more | 12 Debian Linux, Mariadb, Suse Linux Enterprise Desktop and 9 more | 2024-02-04 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC. | |||||
CVE-2014-3166 | 5 Apple, Debian, Google and 2 more | 7 Iphone Os, Mac Os X, Debian Linux and 4 more | 2024-02-04 | 4.3 MEDIUM | N/A |
The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. | |||||
CVE-2014-4344 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 3 more | 2024-02-04 | 7.8 HIGH | N/A |
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation. | |||||
CVE-2014-3532 | 6 Debian, Freedesktop, Linux and 3 more | 6 Debian Linux, Dbus, Linux Kernel and 3 more | 2024-02-04 | 2.1 LOW | N/A |
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded. | |||||
CVE-2015-0377 | 3 Debian, Opensuse, Oracle | 3 Debian Linux, Opensuse, Vm Virtualbox | 2024-02-04 | 4.4 MEDIUM | N/A |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418. | |||||
CVE-2015-3336 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2024-02-04 | 4.3 MEDIUM | N/A |
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL. | |||||
CVE-2015-1246 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-04 | 5.0 MEDIUM | N/A |
Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2012-6656 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Glibc | 2024-02-04 | 5.0 MEDIUM | N/A |
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8. | |||||
CVE-2015-3333 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
CVE-2014-0456 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2015-0499 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Mysql and 1 more | 2024-02-04 | 3.5 LOW | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated. | |||||
CVE-2015-1821 | 2 Debian, Tuxfamily | 2 Debian Linux, Chrony | 2024-02-04 | 6.5 MEDIUM | N/A |
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder. | |||||
CVE-2014-1511 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. | |||||
CVE-2014-0459 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2024-02-04 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. | |||||
CVE-2015-0383 | 7 Canonical, Debian, Fedoraproject and 4 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-02-04 | 5.4 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. | |||||
CVE-2014-2421 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | |||||
CVE-2013-6645 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element. | |||||
CVE-2015-2189 | 5 Debian, Mageia, Opensuse and 2 more | 6 Debian Linux, Mageia, Opensuse and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. | |||||
CVE-2014-3169 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2024-02-04 | 7.5 HIGH | N/A |
Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. |