Export limit exceeded: 351382 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4192 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-3409 | 2 Canonical, Module-signature Project | 2 Ubuntu Linux, Module-signature | 2025-04-12 | N/A |
| Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module. | ||||
| CVE-2016-1649 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Chrome and 2 more | 2025-04-12 | N/A |
| The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages. | ||||
| CVE-2015-3408 | 2 Canonical, Module-signature Project | 2 Ubuntu Linux, Module-signature | 2025-04-12 | N/A |
| Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest. | ||||
| CVE-2015-3407 | 2 Canonical, Module-signature Project | 2 Ubuntu Linux, Module-signature | 2025-04-12 | N/A |
| Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files. | ||||
| CVE-2016-3717 | 3 Canonical, Imagemagick, Redhat | 11 Ubuntu Linux, Imagemagick, Enterprise Linux and 8 more | 2025-04-12 | N/A |
| The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. | ||||
| CVE-2016-1659 | 6 Canonical, Debian, Google and 3 more | 6 Ubuntu Linux, Debian Linux, Chrome and 3 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-3941 | 2 Canonical, Videolan | 2 Ubuntu Linux, Vlc Media Player | 2025-04-12 | N/A |
| Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." | ||||
| CVE-2015-3395 | 3 Canonical, Ffmpeg, Libav | 3 Ubuntu Linux, Ffmpeg, Libav | 2025-04-12 | N/A |
| The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. | ||||
| CVE-2015-3333 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-1677 | 6 Canonical, Debian, Google and 3 more | 11 Ubuntu Linux, Debian Linux, Chrome and 8 more | 2025-04-12 | N/A |
| uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion." | ||||
| CVE-2016-3712 | 6 Canonical, Citrix, Debian and 3 more | 12 Ubuntu Linux, Xenserver, Debian Linux and 9 more | 2025-04-12 | 5.5 Medium |
| Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. | ||||
| CVE-2015-3310 | 3 Canonical, Debian, Point-to-point Protocol Project | 3 Ubuntu Linux, Debian Linux, Point-to-point Protocol | 2025-04-12 | N/A |
| Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. | ||||
| CVE-2015-3308 | 2 Canonical, Gnu | 2 Ubuntu Linux, Gnutls | 2025-04-12 | N/A |
| Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. | ||||
| CVE-2016-3716 | 3 Canonical, Imagemagick, Redhat | 11 Ubuntu Linux, Imagemagick, Enterprise Linux and 8 more | 2025-04-12 | N/A |
| The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. | ||||
| CVE-2016-3947 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2025-04-12 | N/A |
| Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet. | ||||
| CVE-2015-3281 | 6 Canonical, Debian, Haproxy and 3 more | 14 Ubuntu Linux, Debian Linux, Haproxy and 11 more | 2025-04-12 | N/A |
| The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request. | ||||
| CVE-2015-3279 | 4 Canonical, Debian, Linuxfoundation and 1 more | 4 Ubuntu Linux, Debian Linux, Cups-filters and 1 more | 2025-04-12 | N/A |
| Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-1691 | 6 Canonical, Debian, Google and 3 more | 10 Ubuntu Linux, Debian Linux, Chrome and 7 more | 2025-04-12 | N/A |
| Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp. | ||||
| CVE-2016-3698 | 4 Canonical, Debian, Libndp and 1 more | 11 Ubuntu Linux, Debian Linux, Libndp and 8 more | 2025-04-12 | N/A |
| libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network. | ||||
| CVE-2015-3258 | 4 Canonical, Debian, Linuxfoundation and 1 more | 4 Ubuntu Linux, Debian Linux, Cups-filters and 1 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job. | ||||