Search Results (16509 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-2795 6 Mozilla, Opensuse, Oracle and 3 more 7 Firefox, Leap, Opensuse and 4 more 2025-04-12 N/A
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
CVE-2014-9666 7 Canonical, Debian, Fedoraproject and 4 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2025-04-12 N/A
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
CVE-2014-9671 6 Canonical, Debian, Freetype and 3 more 12 Ubuntu Linux, Debian Linux, Freetype and 9 more 2025-04-12 N/A
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
CVE-2014-9673 5 Canonical, Debian, Freetype and 2 more 11 Ubuntu Linux, Debian Linux, Freetype and 8 more 2025-04-12 N/A
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
CVE-2014-9674 6 Canonical, Fedoraproject, Freetype and 3 more 12 Ubuntu Linux, Fedora, Freetype and 9 more 2025-04-12 N/A
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
CVE-2014-9679 5 Apple, Canonical, Fedoraproject and 2 more 5 Cups, Ubuntu Linux, Fedora and 2 more 2025-04-12 N/A
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
CVE-2015-0395 6 Canonical, Debian, Novell and 3 more 10 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Server and 7 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2015-0437 3 Novell, Oracle, Redhat 5 Suse Linux Enterprise Desktop, Jdk, Jre and 2 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2015-0469 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CVE-2015-0477 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
CVE-2015-0480 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.
CVE-2015-0488 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
CVE-2015-1472 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more 2025-04-12 N/A
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
CVE-2015-1802 4 Canonical, Debian, Redhat and 1 more 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more 2025-04-12 N/A
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.
CVE-2015-1774 6 Apache, Canonical, Debian and 3 more 9 Openoffice, Ubuntu Linux, Debian Linux and 6 more 2025-04-12 N/A
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
CVE-2015-1856 3 Canonical, Openstack, Redhat 5 Ubuntu Linux, Swift, Enterprise Linux and 2 more 2025-04-12 N/A
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.
CVE-2015-2621 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
CVE-2015-2625 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
CVE-2015-2632 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2016-1950 5 Apple, Mozilla, Opensuse and 2 more 16 Iphone Os, Mac Os X, Tvos and 13 more 2025-04-12 N/A
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.