Export limit exceeded: 350927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (404 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7793 | 1 Corega | 1 Cg-wlbaragm Firmware | 2025-04-12 | N/A |
| Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traffic via unspecified vectors. | ||||
| CVE-2015-7833 | 2 Novell, Redhat | 2 Suse Linux Enterprise Real Time Extension, Enterprise Linux | 2025-04-12 | N/A |
| The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor. | ||||
| CVE-2016-1571 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-12 | N/A |
| The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. | ||||
| CVE-2016-1640 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing that an installation request originated from the user's next navigation target via a crafted web site. | ||||
| CVE-2016-2314 | 1 Huawei | 2 Mt882, Mt882 Firmware | 2025-04-12 | N/A |
| GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. | ||||
| CVE-2016-4356 | 2 Canonical, Gnupg | 2 Ubuntu Linux, Libksba | 2025-04-12 | N/A |
| The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data. | ||||
| CVE-2013-7424 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-12 | N/A |
| The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6. | ||||
| CVE-2013-7423 | 4 Canonical, Gnu, Opensuse and 1 more | 7 Ubuntu Linux, Glibc, Opensuse and 4 more | 2025-04-12 | N/A |
| The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function. | ||||
| CVE-2014-5277 | 1 Docker | 2 Docker, Docker-py | 2025-04-12 | N/A |
| Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. | ||||
| CVE-2014-5426 | 1 Matrikonopc | 1 Dnp3 Opc Server | 2025-04-12 | N/A |
| MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message. | ||||
| CVE-2014-6383 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule. | ||||
| CVE-2014-6386 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R9, 12.3R2 before 12.3R2-S3, 12.3 before 12.3R3, 13.1 before 13.1R4, and 13.2 before 13.2R1 allows remote attackers to cause a denial of service (assertion failure and rpd restart) via a crafted BGP FlowSpec prefix. | ||||
| CVE-2014-8121 | 4 Canonical, Gnu, Redhat and 1 more | 5 Ubuntu Linux, Glibc, Enterprise Linux and 2 more | 2025-04-12 | N/A |
| DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset. | ||||
| CVE-2014-8155 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2025-04-12 | N/A |
| GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid. | ||||
| CVE-2014-8172 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-12 | N/A |
| The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations. | ||||
| CVE-2014-9065 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066. | ||||
| CVE-2014-9066 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065. | ||||
| CVE-2014-9090 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. | ||||
| CVE-2014-9143 | 1 Technicolor | 1 Td5130 Router Firmware | 2025-04-12 | N/A |
| Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. | ||||
| CVE-2014-9222 | 1 Allegrosoft | 1 Rompager | 2025-04-12 | N/A |
| AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability. | ||||