Max CVSS 10.0 Min CVSS 1.9 Total Count132
IDCVSSSummaryLast (major) updatePublished
CVE-2015-3149 2.1
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
25-07-2017 - 14:29 25-07-2017 - 14:29
CVE-2015-5123 10.0
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12
19-01-2017 - 21:59 14-07-2015 - 06:59
CVE-2014-0566 10.0
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565.
06-01-2017 - 21:59 17-09-2014 - 06:55
CVE-2015-2808 4.3
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial
02-01-2017 - 21:59 31-03-2015 - 22:00
CVE-2015-1593 5.0
The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predictin
02-01-2017 - 21:59 16-03-2015 - 06:59
CVE-2015-0286 5.0
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2014-8102 6.5
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of
02-01-2017 - 21:59 10-12-2014 - 10:59
CVE-2014-3571 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation fo
02-01-2017 - 21:59 08-01-2015 - 21:59
CVE-2014-0227 6.4
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote atta
02-01-2017 - 21:59 15-02-2015 - 19:59
CVE-2015-4000 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie
30-12-2016 - 21:59 20-05-2015 - 20:59
CVE-2015-2922 3.3
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value
30-12-2016 - 21:59 27-05-2015 - 06:59
CVE-2015-2830 1.9
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the
30-12-2016 - 21:59 27-05-2015 - 06:59
CVE-2015-1803 8.5
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer der
30-12-2016 - 21:59 20-03-2015 - 10:59
CVE-2015-0255 6.4
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry r
30-12-2016 - 21:59 13-02-2015 - 10:59
CVE-2014-0230 7.8
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (
30-12-2016 - 21:59 07-06-2015 - 19:59
CVE-2015-4750 5.0
Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.2 allows remote attackers to affect availability via vectors related to LDOM Manager.
29-12-2016 - 08:34 16-07-2015 - 07:00
CVE-2015-4744 2.6
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote atta
28-12-2016 - 11:28 16-07-2015 - 07:00
CVE-2015-5122 10.0
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and
27-12-2016 - 21:59 14-07-2015 - 06:59
CVE-2015-4696 4.3
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
27-12-2016 - 21:59 01-07-2015 - 10:59
CVE-2015-4695 5.0
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
27-12-2016 - 21:59 01-07-2015 - 10:59
CVE-2015-4588 6.8
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
27-12-2016 - 21:59 01-07-2015 - 10:59
CVE-2015-3650 7.2
vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL po
27-12-2016 - 21:59 10-07-2015 - 13:59
CVE-2015-2743 7.5
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2742 4.3
Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2741 4.3
Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to b
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2740 10.0
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have un
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2739 10.0
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2738 10.0
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2737 10.0
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2736 9.3
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2735 9.3
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archiv
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2734 10.0
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2733 10.0
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XM
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2731 10.0
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leverag
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2730 4.3
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2729 5.0
The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain se
27-12-2016 - 21:59 05-07-2015 - 22:01
CVE-2015-2728 7.5
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execut
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2727 6.8
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. N
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2726 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2725 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2724 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and appli
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2722 10.0
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XM
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2721 4.3
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS sta
27-12-2016 - 21:59 05-07-2015 - 22:00
CVE-2015-2623 4.3
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers t
27-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-0848 6.8
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
27-12-2016 - 21:59 01-07-2015 - 10:59
CVE-2015-4864 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
23-12-2016 - 21:59 21-10-2015 - 19:59
CVE-2015-4760 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-4749 4.3
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-4748 7.6
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-4733 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-4732 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability th
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-4731 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-3636 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and sy
23-12-2016 - 21:59 05-08-2015 - 21:59
CVE-2015-3185 4.3
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote
23-12-2016 - 21:59 20-07-2015 - 19:59
CVE-2015-3183 5.0
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large c
23-12-2016 - 21:59 20-07-2015 - 19:59
CVE-2015-2659 5.0
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
23-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-2632 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2628 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2625 2.6
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2621 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2601 5.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2594 6.6
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to C
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2590 10.0
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability th
23-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-5110 10.0
Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X a
21-12-2016 - 21:59 15-07-2015 - 10:59
CVE-2015-5109 10.0
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attac
21-12-2016 - 21:59 15-07-2015 - 10:59
CVE-2015-5107 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to obtain sensit
21-12-2016 - 21:59 15-07-2015 - 10:59
CVE-2015-5106 7.5
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
21-12-2016 - 21:59 15-07-2015 - 10:59
CVE-2015-4752 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
21-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-2648 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
21-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-2643 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
21-12-2016 - 21:59 16-07-2015 - 07:00
CVE-2015-2620 4.3
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
21-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-2582 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
21-12-2016 - 21:59 16-07-2015 - 06:59
CVE-2015-0383 5.4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
21-12-2016 - 21:59 21-01-2015 - 13:59
CVE-2015-5099 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
08-12-2016 - 15:52 15-07-2015 - 10:59
CVE-2015-4448 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
08-12-2016 - 13:49 15-07-2015 - 10:59
CVE-2004-0941 10.0
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2015-3152 4.3
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade at
29-11-2016 - 22:01 16-05-2016 - 06:59
CVE-2015-5115 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5114 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5113 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5111 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5108 10.0
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attac
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5104 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5103 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5102 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5101 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5100 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5097 10.0
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attac
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5095 10.0
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5094 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5093 10.0
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attack
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5092 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5091 7.8
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denia
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5090 7.5
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5089 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5088 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5087 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5086 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-5085 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:31 15-07-2015 - 10:59
CVE-2015-4452 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4451 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4450 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4449 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4447 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4446 7.5
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4445 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4441 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4438 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-4435 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaSc
28-11-2016 - 14:28 15-07-2015 - 10:59
CVE-2015-3192 4.3
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) vi
28-11-2016 - 14:23 12-07-2016 - 15:59
CVE-2015-3095 10.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbit
28-11-2016 - 14:22 15-07-2015 - 10:59
CVE-2015-2141 5.0
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing att
28-11-2016 - 14:19 01-07-2015 - 10:59
CVE-2015-0253 5.0
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending
28-11-2016 - 14:16 20-07-2015 - 19:59
CVE-2015-0228 5.0
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script ha
28-11-2016 - 14:16 07-03-2015 - 21:59
CVE-2014-8450 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intend
28-11-2016 - 14:13 15-07-2015 - 10:59
CVE-2014-1569 7.5
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers
03-10-2016 - 22:01 15-12-2014 - 13:59
CVE-2011-5321 4.9
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other im
05-05-2016 - 20:57 02-05-2016 - 06:59
CVE-2010-1324 4.3
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum,
31-03-2016 - 13:26 02-12-2010 - 11:22
CVE-2015-4751 5.0
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
20-07-2015 - 11:34 16-07-2015 - 07:00
CVE-2015-5105 10.0
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X al
17-07-2015 - 09:50 15-07-2015 - 10:59
CVE-2015-2581 6.4
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.
17-07-2015 - 09:44 16-07-2015 - 06:59
CVE-2015-5098 10.0
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X al
17-07-2015 - 09:39 15-07-2015 - 10:59
CVE-2015-5096 10.0
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X al
17-07-2015 - 09:38 15-07-2015 - 10:59
CVE-2015-4444 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denia
16-07-2015 - 14:48 15-07-2015 - 10:59
CVE-2015-4443 5.0
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denia
16-07-2015 - 14:46 15-07-2015 - 10:59
CVE-2015-2593 7.1
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Configuration Service.
16-07-2015 - 12:52 16-07-2015 - 06:59
CVE-2007-2756 4.3
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
05-11-2012 - 22:39 18-05-2007 - 14:30
CVE-2007-3477 5.0
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2007-3473 4.3
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2007-3472 4.3
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2009-3546 9.3
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-
25-08-2011 - 00:00 19-10-2009 - 16:00
CVE-2007-0455 7.5
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded
07-03-2011 - 21:49 30-01-2007 - 12:28
Back to Top Mark selected
Back to Top