VIR Vulnerability Intelligence Relay

Search

Found 27 results in 21ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-14491 critical 9.8 10.0 EXPFIX arch arch slesdebian debian thekelleyssusenvidia 9y ago Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2014-9846 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu suseimagemagick 9y ago Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
CVE-2016-5772 critical 9.8 9.8 slesdebian debiansuse suse phpsuse 10y ago Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a deni…
CVE-2016-5118 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu graphicsmagicksuseimagemagick 10y ago The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2016-0718 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu mozillasuselibexpat_project 10y ago Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2015-8779 critical 9.8 9.8 FIX debian debianfedora fedoraubuntu ubuntu susegnu 10y ago Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possib…
CVE-2015-8778 critical 9.8 9.8 FIX debian debianfedora fedoraubuntu ubuntu gnususe 10y ago Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the s…
CVE-2015-8776 critical 9.1 9.1 FIX debian debianfedora fedoraubuntu ubuntu susegnu 10y ago The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive informatio…
CVE-2014-9761 critical 9.8 9.8 FIX debian debianfedora fedoraubuntu ubuntu susegnu 10y ago Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbi…
CVE-2016-2324 critical 9.8 9.8 FIX slesdebian debiansuse suse susegit-scm 10y ago Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
CVE-2016-2315 critical 9.8 9.8 FIX debian debiansuse suse susegit-scm 10y ago revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based b…
CVE-2015-5165 critical 9.3 FIX sles rheldebian debian suseredhat 11y ago The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2014-1514 critical 9.8 9.8 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a …
CVE-2014-1512 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows r…
CVE-2014-1511 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
CVE-2014-1510 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript cod…
CVE-2014-1508 critical 9.1 9.1 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive…
CVE-2014-1493 critical 9.8 9.8 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to c…
CVE-2013-3712 critical 10.0 suse 12y ago SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
CVE-2014-1486 critical 9.8 9.8 fedora fedorasuse suse rhel mozillasuse 13y ago Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers t…
CVE-2014-1477 critical 9.8 9.8 rhelubuntu ubuntudebian debian mozillasuse 13y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to c…
CVE-2013-6671 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary…
CVE-2013-5618 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunder…
CVE-2013-5616 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.2…
CVE-2013-5615 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions o…
CVE-2013-5613 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows …
CVE-2013-5609 critical 9.8 9.8 fedora fedorasuse suseubuntu ubuntu mozillasuse 13y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to c…