Export limit exceeded: 10018 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10018 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9718 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | N/A |
| The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions. | ||||
| CVE-2015-8949 | 2 Dbd-mysql Project, Debian | 2 Dbd-mysql, Debian Linux | 2025-04-12 | N/A |
| Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login. | ||||
| CVE-2014-9272 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2025-04-12 | N/A |
| The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol. | ||||
| CVE-2014-9706 | 2 Debian, Dulwich Project | 2 Debian Linux, Dulwich | 2025-04-12 | N/A |
| The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree. | ||||
| CVE-2016-0592 | 2 Debian, Oracle | 2 Debian Linux, Vm Virtualbox | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core. | ||||
| CVE-2014-0479 | 2 Canonical, Debian | 2 Reportbug, Reportbug | 2025-04-12 | N/A |
| reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py. | ||||
| CVE-2012-6699 | 2 Debian, Dhcpcd Project | 2 Debian Linux, Dhcpcd | 2025-04-12 | N/A |
| The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response. | ||||
| CVE-2014-4943 | 5 Debian, Linux, Opensuse and 2 more | 9 Debian Linux, Linux Kernel, Opensuse and 6 more | 2025-04-12 | N/A |
| The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | ||||
| CVE-2016-8910 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2025-04-12 | 6.0 Medium |
| The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | ||||
| CVE-2015-0252 | 4 Apache, Debian, Fedoraproject and 1 more | 4 Xerces-c\+\+, Debian Linux, Fedora and 1 more | 2025-04-12 | N/A |
| internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data. | ||||
| CVE-2016-2098 | 3 Debian, Redhat, Rubyonrails | 4 Debian Linux, Rhel Software Collections, Rails and 1 more | 2025-04-12 | N/A |
| Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method. | ||||
| CVE-2016-9101 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2025-04-12 | 6.0 Medium |
| Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. | ||||
| CVE-2015-0383 | 7 Canonical, Debian, Fedoraproject and 4 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. | ||||
| CVE-2016-2118 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux and 6 more | 2025-04-12 | 7.5 High |
| The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK." | ||||
| CVE-2014-0462 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Openjdk | 2025-04-12 | N/A |
| Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. | ||||
| CVE-2015-0395 | 6 Canonical, Debian, Novell and 3 more | 10 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Server and 7 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
| CVE-2016-9103 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 6.0 Medium |
| The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them. | ||||
| CVE-2015-0407 | 5 Canonical, Debian, Fedoraproject and 2 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | ||||
| CVE-2015-0408 | 6 Canonical, Debian, Novell and 3 more | 11 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | ||||
| CVE-2015-0410 | 6 Canonical, Debian, Novell and 3 more | 12 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 9 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. | ||||