Total
28564 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-6501 | 1 Sun | 1 Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via vectors related to SSH. | |||||
CVE-2014-0191 | 1 Oracle | 1 Fusion Middleware | 2024-02-28 | 4.3 MEDIUM | N/A |
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document. | |||||
CVE-2014-0554 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors. | |||||
CVE-2014-2490 | 3 Debian, Hp, Oracle | 4 Debian Linux, Hp-ux, Jdk and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2015-0815 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | 7.5 HIGH | N/A |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2014-2624 | 1 Hp | 1 Network Node Manager I | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264. | |||||
CVE-2014-8821 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820. | |||||
CVE-2014-2408 | 1 Oracle | 1 Database Server | 2024-02-28 | 6.6 MEDIUM | N/A |
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege." | |||||
CVE-2015-1211 | 7 Apple, Canonical, Google and 4 more | 11 Macos, Ubuntu Linux, Chrome and 8 more | 2024-02-28 | 7.5 HIGH | N/A |
The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI. | |||||
CVE-2013-5875 | 1 Oracle | 1 Sunos | 2024-02-28 | 2.7 LOW | N/A |
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity and availability via vectors related to Role Based Access Control (RBAC). | |||||
CVE-2013-6141 | 1 Op5 | 1 Monitor | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers to read arbitrary files via unknown vectors related to lack of authorization. | |||||
CVE-2013-4426 | 1 Leon Weber | 1 Pyxtrlock | 2024-02-28 | 3.6 LOW | N/A |
pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers to bypass the lock screen via multiple failed authentication attempts, which trigger a crash. | |||||
CVE-2013-7363 | 1 Sap | 1 Solution Manager | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | |||||
CVE-2014-2505 | 1 Emc | 1 Rsa Archer Egrc | 2024-02-28 | 5.4 MEDIUM | N/A |
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors. | |||||
CVE-2014-3086 | 1 Ibm | 3 Lotus Domino, Lotus Notes, Websphere Real Time | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager. | |||||
CVE-2014-6231 | 1 Cwt Frontend Edit Project | 1 Cwt Frontend Edit | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
CVE-2015-0319 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317. | |||||
CVE-2014-2439 | 1 Oracle | 1 Virtualization | 2024-02-28 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application. | |||||
CVE-2014-0426 | 1 Oracle | 1 Fusion Middleware | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413. | |||||
CVE-2014-4284 | 1 Sun | 1 Sunos | 2024-02-28 | 4.4 MEDIUM | N/A |
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4280. |