Search Results (155 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-8845 4 Linux, Novell, Redhat and 1 more 10 Linux Kernel, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 7 more 2025-04-12 N/A
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.
CVE-2015-2736 6 Canonical, Debian, Mozilla and 3 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2025-04-12 N/A
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
CVE-2016-4485 3 Canonical, Linux, Novell 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more 2025-04-12 N/A
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
CVE-2015-2566 2 Novell, Oracle 4 Suse Linux, Suse Linux For Vmware, Suse Linux Sdk and 1 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-0458 4 Novell, Opensuse, Oracle and 1 more 7 Suse Linux Enterprise Desktop, Opensuse, Jdk and 4 more 2025-04-12 N/A
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
CVE-2015-2710 4 Mozilla, Novell, Opensuse and 1 more 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-04-12 N/A
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
CVE-2015-0400 4 Canonical, Novell, Opensuse and 1 more 6 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
CVE-2015-2722 4 Mozilla, Novell, Oracle and 1 more 7 Firefox, Firefox Esr, Suse Linux Enterprise Desktop and 4 more 2025-04-12 N/A
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.
CVE-2015-2721 6 Canonical, Debian, Mozilla and 3 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2025-04-12 N/A
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
CVE-2015-2713 4 Mozilla, Novell, Opensuse and 1 more 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-04-12 N/A
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
CVE-2016-6306 7 Canonical, Debian, Hp and 4 more 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more 2025-04-12 5.9 Medium
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
CVE-2015-0437 3 Novell, Oracle, Redhat 5 Suse Linux Enterprise Desktop, Jdk, Jre and 2 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2015-2708 4 Mozilla, Novell, Opensuse and 1 more 8 Firefox, Firefox Esr, Thunderbird and 5 more 2025-04-12 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-2724 6 Canonical, Debian, Mozilla and 3 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2025-04-12 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-2726 3 Mozilla, Novell, Oracle 5 Firefox, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 2 more 2025-04-12 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-2728 4 Mozilla, Novell, Oracle and 1 more 6 Firefox, Firefox Esr, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.
CVE-2015-2733 4 Mozilla, Novell, Oracle and 1 more 6 Firefox, Firefox Esr, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.
CVE-2015-2735 6 Canonical, Debian, Mozilla and 3 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2025-04-12 N/A
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
CVE-2014-8559 7 Canonical, Linux, Novell and 4 more 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more 2025-04-12 5.5 Medium
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
CVE-2015-8923 4 Canonical, Libarchive, Novell and 1 more 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more 2025-04-12 N/A
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.