Total
9733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2183 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2024-02-28 | 6.3 MEDIUM | N/A |
| The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | |||||
| CVE-2014-6209 | 1 Ibm | 1 Db2 | 2024-02-28 | 4.0 MEDIUM | N/A |
| IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement. | |||||
| CVE-2014-2957 | 1 Exim | 1 Exim | 2024-02-28 | 6.8 MEDIUM | N/A |
| The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function. | |||||
| CVE-2015-2055 | 1 Zhone Technologies | 2 Gpon 2520, Gpon 2520 Firmware | 2024-02-28 | 7.8 HIGH | N/A |
| Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter. | |||||
| CVE-2015-0693 | 1 Cisco | 1 Web Security Appliance | 2024-02-28 | 7.2 HIGH | N/A |
| Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafted pickle file, aka Bug ID CSCut39259. | |||||
| CVE-2014-7278 | 1 Zyxel | 2 Sbg3300-n, Sbg3300-n Firmware | 2024-02-28 | 5.0 MEDIUM | N/A |
| The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277. | |||||
| CVE-2014-3955 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 5.0 MEDIUM | N/A |
| routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network. | |||||
| CVE-2014-3299 | 1 Cisco | 1 Ios | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745. | |||||
| CVE-2013-2191 | 3 Fedoraproject, Opensuse, Python Bugzilla Project | 3 Fedora, Opensuse, Python-bugzilla | 2024-02-28 | 4.3 MEDIUM | N/A |
| python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate. | |||||
| CVE-2012-6152 | 1 Pidgin | 1 Pidgin | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences. | |||||
| CVE-2014-3263 | 1 Cisco | 1 Ios | 2024-02-28 | 5.4 MEDIUM | N/A |
| The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038. | |||||
| CVE-2014-1346 | 1 Apple | 1 Safari | 2024-02-28 | 5.0 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL. | |||||
| CVE-2014-2162 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-02-28 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCud29566. | |||||
| CVE-2015-1131 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
| fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. | |||||
| CVE-2015-0642 | 1 Cisco | 2 Ios, Ios Xe | 2024-02-28 | 7.8 HIGH | N/A |
| Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951. | |||||
| CVE-2015-2790 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2024-02-28 | 4.3 MEDIUM | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. | |||||
| CVE-2015-0137 | 1 Ibm | 1 Powervc | 2024-02-28 | 4.3 MEDIUM | N/A |
| IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console (HMC) certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate. | |||||
| CVE-2013-3988 | 1 Ibm | 1 Sametime | 2024-02-28 | 6.8 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2013-1869 | 1 Redhat | 2 Satellite, Spacewalk-java | 2024-02-28 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter. | |||||
| CVE-2014-0117 | 2 Apache, Apple | 2 Http Server, Mac Os X | 2024-02-28 | 4.3 MEDIUM | N/A |
| The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. | |||||