Export limit exceeded: 13779 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0408 | 6 Canonical, Debian, Novell and 3 more | 11 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | ||||
| CVE-2015-0418 | 3 Debian, Opensuse, Oracle | 3 Debian Linux, Opensuse, Vm Virtualbox | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377. | ||||
| CVE-2015-0564 | 5 Debian, Opensuse, Oracle and 2 more | 6 Debian Linux, Opensuse, Linux and 3 more | 2025-04-12 | N/A |
| Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session. | ||||
| CVE-2015-1420 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-12 | N/A |
| Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. | ||||
| CVE-2015-1382 | 3 Debian, Opensuse, Privoxy | 3 Debian Linux, Opensuse, Privoxy | 2025-04-12 | N/A |
| parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header. | ||||
| CVE-2015-0860 | 2 Canonical, Debian | 2 Ubuntu Linux, Dpkg | 2025-04-12 | N/A |
| Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow. | ||||
| CVE-2015-0861 | 2 Debian, Tryton | 2 Debian Linux, Trytond | 2025-04-12 | N/A |
| model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records. | ||||
| CVE-2015-2559 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2025-04-12 | N/A |
| Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL. | ||||
| CVE-2015-1289 | 4 Debian, Google, Opensuse and 1 more | 8 Debian Linux, Chrome, Opensuse and 5 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2015-2695 | 6 Canonical, Debian, Mit and 3 more | 9 Ubuntu Linux, Debian Linux, Kerberos 5 and 6 more | 2025-04-12 | N/A |
| lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. | ||||
| CVE-2015-2696 | 5 Canonical, Debian, Mit and 2 more | 8 Ubuntu Linux, Debian Linux, Kerberos 5 and 5 more | 2025-04-12 | N/A |
| lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. | ||||
| CVE-2015-2697 | 6 Canonical, Debian, Mit and 3 more | 9 Ubuntu Linux, Debian Linux, Kerberos 5 and 6 more | 2025-04-12 | N/A |
| The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. | ||||
| CVE-2015-2736 | 6 Canonical, Debian, Mozilla and 3 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2025-04-12 | N/A |
| The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive. | ||||
| CVE-2015-1282 | 4 Debian, Google, Opensuse and 1 more | 8 Debian Linux, Chrome, Opensuse and 5 more | 2025-04-12 | N/A |
| Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions. | ||||
| CVE-2015-3279 | 4 Canonical, Debian, Linuxfoundation and 1 more | 4 Ubuntu Linux, Debian Linux, Cups-filters and 1 more | 2025-04-12 | N/A |
| Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-3166 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2025-04-12 | N/A |
| CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers. | ||||
| CVE-2015-1235 | 4 Canonical, Debian, Google and 1 more | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2025-04-12 | N/A |
| The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. | ||||
| CVE-2015-1242 | 4 Canonical, Debian, Google and 1 more | 5 Ubuntu Linux, Debian Linux, Chrome and 2 more | 2025-04-12 | N/A |
| The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. | ||||
| CVE-2015-1271 | 4 Debian, Google, Opensuse and 1 more | 8 Debian Linux, Chrome, Opensuse and 5 more | 2025-04-12 | N/A |
| PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation. | ||||
| CVE-2015-1276 | 4 Debian, Google, Opensuse and 1 more | 8 Debian Linux, Chrome, Opensuse and 5 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation. | ||||