VIR Vulnerability Intelligence Relay

Search

Found 21 results in 335ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-12629 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntu rhel apacheredhat 9y ago Remote code execution occurs in Apache Solr
CVE-2017-14491 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleyssusenvidia 9y ago multiple issues in dnsmasq
CVE-2017-14493 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2017-14492 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleys 9y ago multiple issues in dnsmasq
CVE-2016-4486 low 3.3 4.3 EXPFIX slesdebian debianubuntu ubuntu novell 10y ago The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from …
CVE-2016-3716 low 3.3 4.3 EXPFIX debian debian rhelubuntu ubuntu imagemagick 10y ago The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-3074 critical 9.8 10.0 EXPFIX slesdebian debiansuse suse libgdphp 10y ago Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed g…
CVE-2015-4000 low 3.7 4.7 EXPFIX slesdebian debianmacos macos opensslibmoracle 11y ago The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c…
CVE-2015-0240 critical 10.0 EXPFIX rhelubuntu ubuntususe suse samba 11y ago The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized st…
CVE-2014-0476 low 4.7 EXPFIX debian debianubuntu ubuntu chkrootkit 12y ago The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerabilit…
CVE-2014-1739 low 3.1 EXPFIX debian debianubuntu ubuntususe suse 12y ago The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive in…
CVE-2012-0943 low 3.1 EXPFIX ubuntu ubuntudebian debian robert_ancell 12y ago debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name …
CVE-2014-1511 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
CVE-2014-1510 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript cod…
CVE-2013-0758 critical 10.0 EXP ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 a…
CVE-2013-0757 critical 10.0 EXP ubuntu ubuntususe suse mozilla 14y ago The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15…
CVE-2013-0753 critical 10.0 EXP ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird…
CVE-2010-3850 low 3.1 EXPFIX linux-kernelsuse susedebian debian 16y ago The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions …
CVE-2010-2008 low 4.5 EXP ubuntu ubuntufedora fedora oracle 16y ago MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# strin…
CVE-2010-1205 critical 9.8 10.0 EXPFIX macos macossuse susedebian debian libpnggoogleapple 16y ago Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers…
CVE-2009-3555 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntufedora fedora apachegnumozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…