Total
233 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1838 | 2 Fedoraproject, Saltstack | 2 Fedora, Salt | 2025-04-20 | N/A |
| modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | ||||
| CVE-2015-8985 | 1 Gnu | 1 Glibc | 2025-04-20 | 5.9 Medium |
| The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. | ||||
| CVE-2014-3223 | 1 Huawei | 10 S2300, S2300 Firmware, S3300 and 7 more | 2025-04-20 | N/A |
| Huawei S9300 with software before V100R006SPH013 and S2300,S3300,S5300,S6300 with software before V100R006SPH010 support Y.1731 and therefore have the Y.1731 vulnerability in processing special packets. The vulnerability causes the restart of switches. | ||||
| CVE-2006-5331 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction. | ||||
| CVE-2012-5358 | 1 Ektron | 1 Ektron Content Management System | 2025-04-20 | N/A |
| The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial of service, or possibly have unspecified other impact via crafted XSL data. | ||||
| CVE-2012-5357 | 1 Ektron | 1 Ektron Content Management System | 2025-04-20 | N/A |
| Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data. | ||||
| CVE-2016-4925 | 1 Juniper | 1 Junose | 2025-04-20 | N/A |
| Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. | ||||
| CVE-2016-5214 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
| Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page. | ||||
| CVE-2015-3991 | 1 Strongswan | 1 Strongswan | 2025-04-20 | N/A |
| strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. | ||||
| CVE-2016-6766 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31318219. | ||||
| CVE-2016-0761 | 2 Cloudfoundry, Pivotal Software | 2 Garden Linux, Cloud Foundry Elastic Runtime | 2025-04-20 | 9.8 Critical |
| Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host. | ||||
| CVE-2015-1839 | 2 Fedoraproject, Saltstack | 2 Fedora, Salt | 2025-04-20 | N/A |
| modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | ||||
| CVE-2015-2255 | 1 Huawei | 2 Ar1220, Ar1220 Firmware | 2025-04-20 | N/A |
| Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port. | ||||
| CVE-2015-7979 | 2 Ntp, Redhat | 3 Ntp, Enterprise Linux, Rhel Eus | 2025-04-20 | N/A |
| NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client. | ||||
| CVE-2016-5225 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
| Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. | ||||
| CVE-2016-6287 | 1 Call-cc | 1 Http-client | 2025-04-20 | N/A |
| The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests through a proxy (also known as a "httpoxy" attack). This affects all versions of http-client before 0.10. | ||||
| CVE-2016-7987 | 1 Siemens | 8 Eta2 Firmware, Eta4 Firmware, Sicam Ak and 5 more | 2025-04-20 | N/A |
| An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability. | ||||
| CVE-2016-9305 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-04-20 | N/A |
| Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers. | ||||
| CVE-2016-3091 | 1 Cloud Foundry | 1 Diego | 2025-04-20 | N/A |
| Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service. | ||||
| CVE-2014-9693 | 1 Huawei | 64 Tecal Bh620 V2, Tecal Bh620 V2 Firmware, Tecal Bh621 V2 and 61 more | 2025-04-20 | N/A |
| Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow attackers to execute arbitrary code or restart the system via crafted DNS packets. | ||||