Total
1910 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4864 | 4 Canonical, Mariadb, Oracle and 1 more | 10 Ubuntu Linux, Mariadb, Mysql and 7 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. | |||||
| CVE-2015-4757 | 6 Canonical, Debian, Mariadb and 3 more | 11 Ubuntu Linux, Debian Linux, Mariadb and 8 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. | |||||
| CVE-2014-3467 | 5 Debian, F5, Gnu and 2 more | 16 Debian Linux, Arx, Arx Firmware and 13 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. | |||||
| CVE-2016-0758 | 3 Canonical, Linux, Redhat | 9 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 6 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. | |||||
| CVE-2016-8864 | 4 Debian, Isc, Netapp and 1 more | 11 Debian Linux, Bind, Data Ontap Edge and 8 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. | |||||
| CVE-2015-4879 | 6 Canonical, Debian, Fedoraproject and 3 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-12 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML. | |||||
| CVE-2015-4147 | 3 Apple, Php, Redhat | 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more | 2025-04-12 | 7.5 HIGH | N/A |
| The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue. | |||||
| CVE-2016-1692 | 6 Canonical, Debian, Google and 3 more | 9 Ubuntu Linux, Debian Linux, Chrome and 6 more | 2025-04-12 | 4.3 MEDIUM | 5.3 MEDIUM |
| WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | |||||
| CVE-2016-7796 | 3 Novell, Redhat, Systemd Project | 9 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 6 more | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. | |||||
| CVE-2015-0433 | 6 Canonical, Debian, Mariadb and 3 more | 15 Ubuntu Linux, Debian Linux, Mariadb and 12 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. | |||||
| CVE-2014-1493 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2014-1523 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | |||||
| CVE-2015-0441 | 6 Canonical, Debian, Mariadb and 3 more | 13 Ubuntu Linux, Debian Linux, Mariadb and 10 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption. | |||||
| CVE-2014-6568 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. | |||||
| CVE-2014-1514 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class. | |||||
| CVE-2015-0505 | 6 Canonical, Debian, Mariadb and 3 more | 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. | |||||
| CVE-2016-2107 | 8 Canonical, Debian, Google and 5 more | 15 Ubuntu Linux, Debian Linux, Android and 12 more | 2025-04-12 | 2.6 LOW | 5.9 MEDIUM |
| The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. | |||||
| CVE-2014-1518 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2014-2436 | 3 Mariadb, Oracle, Redhat | 9 Mariadb, Mysql, Solaris and 6 more | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. | |||||
| CVE-2014-7300 | 2 Gnome, Redhat | 5 Gnome-shell, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 2 more | 2025-04-12 | 7.2 HIGH | N/A |
| GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer. | |||||