Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-0045 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0053. | |||||
CVE-2015-1227 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used. | |||||
CVE-2015-0579 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473. | |||||
CVE-2014-9472 | 3 Bestpractical, Debian, Fedoraproject | 3 Request Tracker, Debian Linux, Fedora | 2024-02-28 | 7.1 HIGH | N/A |
The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email. | |||||
CVE-2015-0039 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0027, CVE-2015-0035, CVE-2015-0052, and CVE-2015-0068. | |||||
CVE-2014-3565 | 3 Apple, Canonical, Net-snmp | 3 Mac Os X, Ubuntu Linux, Net-snmp | 2024-02-28 | 5.0 MEDIUM | N/A |
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message. | |||||
CVE-2014-1727 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms. | |||||
CVE-2015-2316 | 5 Canonical, Djangoproject, Fedoraproject and 2 more | 5 Ubuntu Linux, Django, Fedora and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string. | |||||
CVE-2014-5429 | 1 Elipse | 3 E3, Power, Scada | 2024-02-28 | 5.0 MEDIUM | N/A |
DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets. | |||||
CVE-2014-8601 | 2 Debian, Powerdns | 2 Debian Linux, Recursor | 2024-02-28 | 5.0 MEDIUM | N/A |
PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. | |||||
CVE-2014-4807 | 1 Ibm | 1 Sterling Selling And Fulfillment Foundation | 2024-02-28 | 4.0 MEDIUM | N/A |
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character. | |||||
CVE-2014-7188 | 1 Xen | 1 Xen | 2024-02-28 | 8.3 HIGH | N/A |
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors. | |||||
CVE-2014-6410 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.7 MEDIUM | N/A |
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. | |||||
CVE-2014-6377 | 1 Juniper | 1 Junos E | 2024-02-28 | 7.8 HIGH | N/A |
Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via a crafted ICMP packet to the (1) interface or (2) loopback IP address, which triggers a processor exception in ip_RxData_8. | |||||
CVE-2014-0231 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor. | |||||
CVE-2014-2131 | 1 Cisco | 1 Ios | 2024-02-28 | 6.1 MEDIUM | N/A |
The packet driver in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a series of (1) Virtual Switching Systems (VSS) or (2) Bidirectional Forwarding Detection (BFD) packets, aka Bug IDs CSCug41049 and CSCue61890. | |||||
CVE-2015-0031 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0036, and CVE-2015-0041. | |||||
CVE-2015-1079 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2014-4474 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-2254 | 1 Siemens | 6 Simatic S7 Cpu-1211c, Simatic S7 Cpu 1200 Firmware, Simatic S7 Cpu 1212c and 3 more | 2024-02-28 | 7.8 HIGH | N/A |
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, a different vulnerability than CVE-2014-2255. |