Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10706 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6453 | 1 Oracle | 1 Database Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6467, CVE-2014-6545, and CVE-2014-6560. | ||||
| CVE-2014-1506 | 3 Google, Mozilla, Oracle | 3 Android, Firefox, Solaris | 2025-04-12 | N/A |
| Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments. | ||||
| CVE-2014-1504 | 4 Mozilla, Opensuse, Oracle and 1 more | 7 Firefox, Seamonkey, Opensuse and 4 more | 2025-04-12 | N/A |
| The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. | ||||
| CVE-2014-1502 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. | ||||
| CVE-2016-5560 | 1 Oracle | 1 Siebel Customer Order Management | 2025-04-12 | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 16.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to OpenUI. | ||||
| CVE-2014-1501 | 4 Google, Mozilla, Oracle and 1 more | 6 Android, Firefox, Solaris and 3 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. | ||||
| CVE-2016-5562 | 1 Oracle | 1 Iprocurement | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2016-5563 | 1 Oracle | 1 Hospitality Opera 5 Property Services | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators to affect confidentiality, integrity, and availability via vectors related to OPERA. | ||||
| CVE-2014-1500 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | ||||
| CVE-2014-1498 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. | ||||
| CVE-2014-1494 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2016-5565 | 1 Oracle | 1 Hospitality Opera 5 Property Services | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality via vectors related to OPERA. | ||||
| CVE-2016-3422 | 2 Oracle, Redhat | 5 Jdk, Jre, Network Satellite and 2 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. | ||||
| CVE-2014-3145 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | N/A |
| The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. | ||||
| CVE-2016-5567 | 1 Oracle | 1 Applications Dba | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5571. | ||||
| CVE-2014-3144 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | N/A |
| The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. | ||||
| CVE-2014-2678 | 4 Fedoraproject, Linux, Oracle and 1 more | 6 Fedora, Linux Kernel, Linux and 3 more | 2025-04-12 | N/A |
| The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. | ||||
| CVE-2014-0981 | 1 Oracle | 1 Vm Virtualbox | 2025-04-12 | N/A |
| VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982. | ||||
| CVE-2014-6461 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | N/A |
| Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Roles & Privileges. | ||||
| CVE-2014-9669 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-12 | N/A |
| Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table. | ||||