Search Results (46134 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-3795 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
CVE-2015-3990 1 Sonicwall 4 Analyzer, Global Management System, Uma Em5000 and 1 more 2025-04-12 N/A
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
CVE-2015-4620 2 Isc, Redhat 2 Bind, Enterprise Linux 2025-04-12 N/A
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
CVE-2015-0806 3 Canonical, Mozilla, Opensuse 3 Ubuntu Linux, Firefox, Opensuse 2025-04-12 N/A
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
CVE-2015-4590 1 Arduino Json Project 1 Arduino Json 2025-04-12 N/A
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a terminator, as demonstrated by "\\\0", which triggers a buffer overflow and over-read.
CVE-2015-4625 3 Fedoraproject, Opensuse, Polkit Project 3 Fedora, Opensuse, Polkit 2025-04-12 N/A
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
CVE-2015-4675 1 Tinysrp Project 1 Tinysrp 2025-04-12 N/A
Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted size value for the username field.
CVE-2015-3036 1 Kcodes 1 Netusb 2025-04-12 N/A
Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005.
CVE-2015-0614 1 Cisco 1 Unity Connection 2025-04-12 N/A
The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul26267.
CVE-2015-0615 1 Cisco 1 Unity Connection 2025-04-12 N/A
The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sessions, aka Bug ID CSCul28089.
CVE-2015-5073 3 Ibm, Pcre, Redhat 4 Powerkvm, Pcre, Enterprise Linux and 1 more 2025-04-12 N/A
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.
CVE-2015-5094 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2025-04-12 N/A
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3095, CVE-2015-5087, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115.
CVE-2015-0903 1 Hidemaru 1 Editor 2025-04-12 N/A
Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted .hmbook file.
CVE-2015-5176 1 Redhat 2 Jboss Enterprise Portal Platform, Jboss Portal 2025-04-12 N/A
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource.
CVE-2015-2740 6 Canonical, Debian, Mozilla and 3 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2025-04-12 N/A
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.
CVE-2015-5220 1 Redhat 3 Jboss Enterprise Application Platform, Jboss Operations Network, Jboss Wildfly Application Server 2025-04-12 N/A
The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption) via a large request header.
CVE-2016-5157 4 Fedoraproject, Google, Opensuse and 1 more 4 Fedora, Chrome, Leap and 1 more 2025-04-12 N/A
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
CVE-2016-5159 3 Google, Opensuse, Redhat 4 Chrome, Leap, Enterprise Linux and 1 more 2025-04-12 N/A
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
CVE-2015-6678 6 Adobe, Apple, Google and 3 more 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more 2025-04-12 N/A
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676.
CVE-2015-6681 1 Adobe 1 Shockwave Player 2025-04-12 N/A
Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6680.