Total
9733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3379 | 1 Cisco | 3 Ios Xr, Network Convergence System 6000, Network Convergence System 6008 | 2024-02-28 | 6.1 MEDIUM | N/A |
| Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466. | |||||
| CVE-2014-3273 | 1 Cisco | 1 Ios | 2024-02-28 | 6.1 MEDIUM | N/A |
| The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282. | |||||
| CVE-2015-0635 | 1 Cisco | 2 Ios, Ios Xe | 2024-02-28 | 9.0 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191. | |||||
| CVE-2014-2852 | 1 Openafs | 1 Openafs | 2024-02-28 | 5.0 MEDIUM | N/A |
| OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet. | |||||
| CVE-2015-0268 | 1 Xen | 1 Xen | 2024-02-28 | 4.9 MEDIUM | N/A |
| The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (host crash) by writing an invalid value to the GICD.SGIR register. | |||||
| CVE-2014-3285 | 1 Cisco | 1 Wide Area Application Services | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674. | |||||
| CVE-2014-6327 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329 and CVE-2014-6376. | |||||
| CVE-2015-0523 | 1 Emc | 2 Rsa Certificate Manager, Rsa Registration Manager | 2024-02-28 | 7.8 HIGH | N/A |
| EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header. | |||||
| CVE-2013-6486 | 1 Pidgin | 1 Pidgin | 2024-02-28 | 9.3 HIGH | N/A |
| gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185. | |||||
| CVE-2014-0022 | 1 Baseurl | 1 Yum | 2024-02-28 | 5.0 MEDIUM | N/A |
| The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package. | |||||
| CVE-2014-5120 | 1 Php | 1 Php | 2024-02-28 | 6.4 MEDIUM | N/A |
| gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. | |||||
| CVE-2014-2169 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-02-28 | 9.0 HIGH | N/A |
| Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211. | |||||
| CVE-2015-1142 | 1 Apple | 1 Mac Os X | 2024-02-28 | 2.1 LOW | N/A |
| LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data. | |||||
| CVE-2014-3573 | 1 Redhat | 1 Enterprise Virtualization Manager | 2024-02-28 | 6.5 MEDIUM | N/A |
| The oVirt Engine backend module, as used in Red Hat Enterprise Virtualization Manager before 3.4.2, uses an "insecure DocumentBuilderFactory," which allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML/RSDL document, related to an XML External Entity (XXE) issue. | |||||
| CVE-2014-1590 | 1 Mozilla | 4 Firefox, Firefox Esr, Seamonkey and 1 more | 2024-02-28 | 4.3 MEDIUM | N/A |
| The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object. | |||||
| CVE-2014-2109 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
| The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494. | |||||
| CVE-2015-1103 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-28 | 7.5 HIGH | N/A |
| The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet. | |||||
| CVE-2014-2195 | 1 Cisco | 3 Asyncos, Content Security Management Appliance, Email Security Appliance Firmware | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085. | |||||
| CVE-2014-2193 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084. | |||||
| CVE-2012-0052 | 1 Redhat | 1 Jboss Operations Network | 2024-02-28 | 5.8 MEDIUM | N/A |
| Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name. | |||||