Export limit exceeded: 348139 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6023 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1583 | 5 Canonical, Debian, Linux and 2 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2025-04-12 | 7.8 High |
| The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. | ||||
| CVE-2015-8956 | 3 Google, Linux, Redhat | 4 Android, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket. | ||||
| CVE-2015-8844 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-12 | N/A |
| The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | ||||
| CVE-2014-0564 | 8 Adobe, Apple, Google and 5 more | 15 Air Desktop Runtime, Air Sdk, Flash Player and 12 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558. | ||||
| CVE-2015-8543 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-12 | 7.0 High |
| The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. | ||||
| CVE-2014-4699 | 4 Canonical, Debian, Linux and 1 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-04-12 | N/A |
| The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls. | ||||
| CVE-2014-7822 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-12 | N/A |
| The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. | ||||
| CVE-2015-8631 | 5 Debian, Mit, Opensuse and 2 more | 12 Debian Linux, Kerberos 5, Leap and 9 more | 2025-04-12 | 6.5 Medium |
| Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. | ||||
| CVE-2015-8126 | 9 Apple, Canonical, Debian and 6 more | 24 Mac Os X, Ubuntu Linux, Debian Linux and 21 more | 2025-04-12 | N/A |
| Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | ||||
| CVE-2015-0329 | 5 Adobe, Apple, Linux and 2 more | 5 Flash Player, Mac Os X, Linux Kernel and 2 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330. | ||||
| CVE-2015-0321 | 5 Adobe, Apple, Linux and 2 more | 5 Flash Player, Mac Os X, Linux Kernel and 2 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330. | ||||
| CVE-2015-8388 | 3 Oracle, Pcre, Redhat | 4 Linux, Perl Compatible Regular Expression Library, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | ||||
| CVE-2015-8668 | 3 Libtiff, Oracle, Redhat | 6 Libtiff, Linux, Vm Server and 3 more | 2025-04-12 | 9.8 Critical |
| Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. | ||||
| CVE-2015-2328 | 3 Oracle, Pcre, Redhat | 4 Linux, Pcre, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | ||||
| CVE-2014-3690 | 7 Canonical, Debian, Linux and 4 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2025-04-12 | 5.5 Medium |
| arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. | ||||
| CVE-2015-5575 | 6 Adobe, Apple, Google and 3 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. | ||||
| CVE-2015-5572 | 6 Adobe, Apple, Google and 3 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-5570 | 6 Adobe, Apple, Google and 3 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. | ||||
| CVE-2015-5569 | 6 Adobe, Apple, Google and 3 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors. | ||||
| CVE-2015-8931 | 5 Canonical, Debian, Libarchive and 2 more | 7 Ubuntu Linux, Debian Linux, Libarchive and 4 more | 2025-04-12 | N/A |
| Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior. | ||||