Max CVSS 10.0 Min CVSS 4.0 Total Count28
IDCVSSSummaryLast (major) updatePublished
CVE-2013-2005 6.8
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEv
20-04-2017 - 21:59 15-06-2013 - 16:55
CVE-2013-2002 6.8
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
20-04-2017 - 21:59 15-06-2013 - 16:55
CVE-2015-6908 5.0
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
21-12-2016 - 22:00 11-09-2015 - 12:59
CVE-2015-7236 5.0
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
07-12-2016 - 22:13 01-10-2015 - 16:59
CVE-2014-9745 5.0
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
07-12-2016 - 22:06 14-09-2015 - 16:59
CVE-2013-4122 4.3
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and con
07-12-2016 - 22:03 26-10-2013 - 20:55
CVE-2015-6838 5.0
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding wi
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6837 5.0
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding wi
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6836 7.5
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "
29-11-2016 - 22:02 19-01-2016 - 00:59
CVE-2015-6835 7.5
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafte
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6834 7.5
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3)
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6833 5.0
Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extr
29-11-2016 - 22:02 19-01-2016 - 00:59
CVE-2015-6832 7.5
Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers m
29-11-2016 - 22:02 19-01-2016 - 00:59
CVE-2015-6831 7.5
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedLis
29-11-2016 - 22:01 19-01-2016 - 00:59
CVE-2015-5715 4.0
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky,
28-11-2016 - 14:35 21-05-2016 - 21:59
CVE-2015-5714 4.3
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
28-11-2016 - 14:35 21-05-2016 - 21:59
CVE-2015-5590 7.5
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a l
28-11-2016 - 14:34 19-01-2016 - 00:59
CVE-2015-5589 10.0
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (seg
28-11-2016 - 14:34 16-05-2016 - 06:59
CVE-2013-7440 4.3
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate.
28-11-2016 - 14:10 07-06-2016 - 14:59
CVE-2013-1981 6.8
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInf
28-11-2016 - 14:08 15-06-2013 - 15:55
CVE-2015-7611 9.3
Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors.
08-06-2016 - 12:39 07-06-2016 - 10:06
CVE-2014-9747 5.0
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
08-06-2016 - 11:03 07-06-2016 - 10:06
CVE-2014-9746 7.5
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do
07-06-2016 - 14:53 07-06-2016 - 10:06
CVE-2013-1997 6.8
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceI
30-11-2013 - 23:27 15-06-2013 - 16:55
CVE-2013-2063 6.8
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
24-11-2013 - 23:32 15-06-2013 - 15:55
CVE-2013-2062 6.8
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQuer
11-09-2013 - 23:34 15-06-2013 - 15:55
CVE-2013-2004 6.8
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack con
20-06-2013 - 23:17 15-06-2013 - 16:55
CVE-2013-1982 6.8
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo
20-06-2013 - 23:17 15-06-2013 - 15:55
Back to Top Mark selected
Back to Top