Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-6342 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348. | |||||
CVE-2015-0048 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0028. | |||||
CVE-2014-3567 | 1 Openssl | 1 Openssl | 2024-02-28 | 7.1 HIGH | N/A |
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure. | |||||
CVE-2014-5410 | 1 Rockwellautomation | 1 Ab Micrologix Controller | 2024-02-28 | 7.1 HIGH | N/A |
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line. | |||||
CVE-2015-0023 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0025. | |||||
CVE-2015-0018 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0037, CVE-2015-0040, and CVE-2015-0066. | |||||
CVE-2014-4814 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 3.5 LOW | N/A |
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 does not properly detect recursion during entity expansion, which allows remote authenticated users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | |||||
CVE-2014-2580 | 1 Xen | 1 Xen | 2024-02-28 | 4.4 MEDIUM | N/A |
The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface. | |||||
CVE-2014-1770 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function. | |||||
CVE-2014-8004 | 1 Cisco | 1 Ios Xr | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | |||||
CVE-2014-1811 | 1 Microsoft | 8 Windows 7, Windows 8, Windows 8.1 and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability." | |||||
CVE-2014-8480 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. | |||||
CVE-2014-9465 | 2 Fedoraproject, Zarafa | 3 Fedora, Webapp, Zarafa Collaboration Platform | 2024-02-28 | 5.0 MEDIUM | N/A |
senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading a large number of files. | |||||
CVE-2014-1763 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | |||||
CVE-2015-1077 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2015-0015 | 1 Microsoft | 3 Windows Server 2003, Windows Server 2008, Windows Server 2012 | 2024-02-28 | 7.8 HIGH | N/A |
Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." | |||||
CVE-2015-0038 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0042 and CVE-2015-0046. | |||||
CVE-2015-1349 | 1 Isc | 1 Bind | 2024-02-28 | 5.4 MEDIUM | N/A |
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. | |||||
CVE-2014-5471 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.0 MEDIUM | N/A |
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. | |||||
CVE-2014-1699 | 1 Siemens | 1 Simatic Wincc Open Architecture | 2024-02-28 | 5.0 MEDIUM | N/A |
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. |