Search Results (1468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-6905 2 Libgd, Opensuse 3 Libgd, Leap, Opensuse 2025-04-12 N/A
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
CVE-2013-4118 2 Freerdp, Opensuse 3 Freerdp, Leap, Opensuse 2025-04-12 N/A
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
CVE-2016-0642 7 Canonical, Debian, Mariadb and 4 more 19 Ubuntu Linux, Debian Linux, Mariadb and 16 more 2025-04-12 4.7 Medium
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVE-2016-2191 4 Canonical, Debian, Opensuse and 1 more 5 Ubuntu Linux, Debian Linux, Leap and 2 more 2025-04-12 N/A
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
CVE-2014-8867 4 Debian, Opensuse, Redhat and 1 more 5 Debian Linux, Opensuse, Enterprise Linux and 2 more 2025-04-12 N/A
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.
CVE-2014-1500 5 Mozilla, Opensuse, Opensuse Project and 2 more 8 Firefox, Seamonkey, Opensuse and 5 more 2025-04-12 N/A
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
CVE-2014-1502 5 Mozilla, Opensuse, Opensuse Project and 2 more 8 Firefox, Seamonkey, Opensuse and 5 more 2025-04-12 N/A
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
CVE-2014-9065 2 Opensuse, Xen 2 Opensuse, Xen 2025-04-12 N/A
common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066.
CVE-2014-1830 2 Opensuse, Python 2 Opensuse, Requests 2025-04-12 N/A
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
CVE-2014-8104 5 Canonical, Debian, Mageia and 2 more 6 Ubuntu Linux, Debian Linux, Mageia and 3 more 2025-04-12 N/A
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
CVE-2014-9512 3 Opensuse, Oracle, Samba 3 Opensuse, Solaris, Rsync 2025-04-12 N/A
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
CVE-2014-9556 2 Libmspack Project, Opensuse 2 Libmspack, Opensuse 2025-04-12 N/A
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
CVE-2016-4154 8 Adobe, Apple, Google and 5 more 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more 2025-04-12 8.8 High
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-5098 2 Opensuse, Phpmyadmin 2 Opensuse, Phpmyadmin 2025-04-12 N/A
Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error.
CVE-2014-9639 3 Fedoraproject, Opensuse, Xiph 3 Fedora, Opensuse, Vorbis-tools 2025-04-12 N/A
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
CVE-2014-9640 2 Opensuse, Xiph 2 Opensuse, Vorbis-tools 2025-04-12 N/A
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
CVE-2014-3473 3 Openstack, Opensuse, Redhat 3 Horizon, Opensuse, Openstack 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject arbitrary web script or HTML via a crafted template.
CVE-2014-3594 3 Openstack, Opensuse, Redhat 3 Horizon, Opensuse, Openstack 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.
CVE-2014-3598 2 Opensuse, Python 2 Opensuse, Pillow 2025-04-12 N/A
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
CVE-2014-3528 5 Apache, Apple, Canonical and 2 more 10 Subversion, Xcode, Ubuntu Linux and 7 more 2025-04-12 N/A
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.