Total
725 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-5576 | 1 Oracle | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. | |||||
CVE-2015-4807 | 4 Fedoraproject, Mariadb, Opensuse and 1 more | 6 Fedora, Mariadb, Leap and 3 more | 2024-02-28 | 3.5 LOW | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache. | |||||
CVE-2016-3441 | 1 Oracle | 1 Solaris | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem. | |||||
CVE-2015-2734 | 5 Canonical, Debian, Mozilla and 2 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2024-02-28 | 10.0 HIGH | N/A |
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. | |||||
CVE-2016-5553 | 1 Oracle | 1 Solaris | 2024-02-28 | 4.7 MEDIUM | 5.0 MEDIUM |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. | |||||
CVE-2016-2177 | 3 Hp, Openssl, Oracle | 6 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 3 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | |||||
CVE-2016-0596 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. | |||||
CVE-2016-5844 | 3 Libarchive, Oracle, Redhat | 10 Libarchive, Linux, Solaris and 7 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. | |||||
CVE-2015-4496 | 2 Mozilla, Oracle | 2 Firefox, Solaris | 2024-02-28 | 9.3 HIGH | N/A |
Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538. | |||||
CVE-2015-4864 | 4 Canonical, Mariadb, Oracle and 1 more | 10 Ubuntu Linux, Mariadb, Mysql and 7 more | 2024-02-28 | 3.5 LOW | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges. | |||||
CVE-2015-2737 | 5 Canonical, Debian, Mozilla and 2 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2024-02-28 | 10.0 HIGH | N/A |
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors. | |||||
CVE-2015-4651 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
CVE-2015-4024 | 5 Apple, Hp, Oracle and 2 more | 12 Mac Os X, System Management Homepage, Linux and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. | |||||
CVE-2016-4082 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet. | |||||
CVE-2015-6247 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2024-02-28 | 4.3 MEDIUM | N/A |
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
CVE-2015-4487 | 4 Canonical, Mozilla, Opensuse and 1 more | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow." | |||||
CVE-2015-4491 | 8 Canonical, Fedoraproject, Gnome and 5 more | 9 Ubuntu Linux, Fedora, Gdk-pixbuf and 6 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | |||||
CVE-2015-3200 | 3 Hp, Lighttpd, Oracle | 3 Virtual Customer Access System, Lighttpd, Solaris | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character. | |||||
CVE-2016-3497 | 1 Oracle | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471. | |||||
CVE-2015-6243 | 2 Oracle, Wireshark | 3 Linux, Solaris, Wireshark | 2024-02-28 | 4.3 MEDIUM | N/A |
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions. |