Export limit exceeded: 15278 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15278 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7102 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103. | ||||
| CVE-2015-8645 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636. | ||||
| CVE-2015-7097 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | ||||
| CVE-2015-7090 | 1 Apple | 1 Quicktime | 2025-04-12 | N/A |
| Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | ||||
| CVE-2016-2108 | 3 Google, Openssl, Redhat | 13 Android, Openssl, Enterprise Linux and 10 more | 2025-04-12 | N/A |
| The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. | ||||
| CVE-2016-10012 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2025-04-12 | N/A |
| The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures. | ||||
| CVE-2016-9933 | 3 Libgd, Php, Redhat | 3 Libgd, Php, Rhel Software Collections | 2025-04-12 | N/A |
| Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. | ||||
| CVE-2015-7074 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. | ||||
| CVE-2015-7049 | 1 Apple | 1 Xcode | 2025-04-12 | N/A |
| otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. | ||||
| CVE-2015-7033 | 1 Apple | 4 Iwork, Keynote, Numbers and 1 more | 2025-04-12 | N/A |
| The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document. | ||||
| CVE-2014-3952 | 1 Freebsd | 1 Freebsd | 2025-04-12 | N/A |
| FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors. | ||||
| CVE-2014-4051 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2784. | ||||
| CVE-2015-7014 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | ||||
| CVE-2015-3456 | 3 Qemu, Redhat, Xen | 7 Qemu, Enterprise Linux, Enterprise Virtualization and 4 more | 2025-04-12 | N/A |
| The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. | ||||
| CVE-2014-3888 | 1 Yokogawa | 15 B\/m9000 Vp, B\/m9000 Vp Software, B\/m9000cs and 12 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2015-6989 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls. | ||||
| CVE-2014-0583 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors. | ||||
| CVE-2014-4067 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4055. | ||||
| CVE-2015-6974 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2014-3597 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Software Collections | 2025-04-12 | N/A |
| Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. | ||||