Search Results (775 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-5841 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
CVE-2016-5842 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 High
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2016-5844 3 Libarchive, Oracle, Redhat 11 Libarchive, Linux, Solaris and 8 more 2025-04-12 N/A
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2016-6302 3 Openssl, Oracle, Redhat 5 Openssl, Linux, Solaris and 2 more 2025-04-12 N/A
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
CVE-2016-6491 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
CVE-2015-2188 6 Debian, Mageia, Opensuse and 3 more 7 Debian Linux, Mageia, Opensuse and 4 more 2025-04-12 N/A
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
CVE-2015-2922 5 Debian, Fedoraproject, Linux and 2 more 8 Debian Linux, Fedora, Linux Kernel and 5 more 2025-04-12 N/A
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
CVE-2015-3811 3 Oracle, Redhat, Wireshark 4 Linux, Solaris, Enterprise Linux and 1 more 2025-04-12 N/A
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.
CVE-2016-4954 5 Ntp, Opensuse, Oracle and 2 more 15 Ntp, Leap, Opensuse and 12 more 2025-04-12 7.5 High
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
CVE-2016-6185 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2025-04-12 7.8 High
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
CVE-2012-0752 7 Adobe, Apple, Google and 4 more 7 Flash Player, Mac Os X, Android and 4 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
CVE-2010-2400 1 Oracle 2 Opensolaris, Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Filesystem.
CVE-2010-3503 1 Oracle 2 Opensolaris, Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
CVE-2010-3507 1 Oracle 1 Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Live Upgrade.
CVE-2010-3508 1 Oracle 1 Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones.
CVE-2010-3509 1 Oracle 1 Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler.
CVE-2010-3513 1 Oracle 2 Opensolaris, Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.
CVE-2014-1489 6 Canonical, Mozilla, Opensuse and 3 more 8 Ubuntu Linux, Firefox, Opensuse and 5 more 2025-04-11 N/A
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
CVE-2010-3515 1 Oracle 2 Opensolaris, Solaris 2025-04-11 N/A
Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Disk Driver.
CVE-2010-3516 1 Oracle 2 Opensolaris, Solaris 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand.