Total: 9398 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2019-11-05 | 4.3 MEDIUM | 5.5 MEDIUM |
evince is missing a check on number of pages which can lead to a segmentation fault | |||||
CVE-2010-3667 | 1 Typo3 | 1 Typo3 | 2019-11-05 | 5.0 MEDIUM | 5.3 MEDIUM |
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. | |||||
CVE-2012-6125 | 1 Call-cc | 1 Chicken | 2019-11-05 | 7.5 HIGH | 9.8 CRITICAL |
Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. | |||||
CVE-2013-2259 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 7.5 HIGH | 9.8 CRITICAL |
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview | |||||
CVE-2013-4100 | 1 Cryptocat Project | 1 Cryptocat | 2019-11-05 | 5.0 MEDIUM | 7.5 HIGH |
Cryptocat before 2.0.22 has Remote Denial of Service via username | |||||
CVE-2013-2227 | 2 Debian, Glpi-project | 2 Debian Linux, Glpi | 2019-11-04 | 5.0 MEDIUM | 7.5 HIGH |
GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | |||||
CVE-2012-0694 | 1 Sugarcrm | 1 Sugarcrm | 2019-11-01 | 7.5 HIGH | 9.8 CRITICAL |
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code. | |||||
CVE-2010-3375 | 1 Qtparted Project | 1 Qtparted | 2019-11-01 | 7.5 HIGH | 9.8 CRITICAL |
qtparted has insecure library loading which may allow arbitrary code execution | |||||
CVE-2010-3373 | 2 Debian, Grsecurity | 2 Debian Linux, Paxtest | 2019-11-01 | 2.1 LOW | 5.5 MEDIUM |
paxtest handles temporary files insecurely | |||||
CVE-2002-2444 | 1 Snoopy Project | 1 Snoopy | 2019-11-01 | 7.5 HIGH | 9.8 CRITICAL |
Snoopy before 2.0.0 has a security hole in exec cURL | |||||
CVE-2018-6759 | 1 Gnu | 1 Binutils | 2019-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. | |||||
CVE-2018-7208 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-10-31 | 6.8 MEDIUM | 7.8 HIGH |
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. | |||||
CVE-2018-8945 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-10-31 | 4.3 MEDIUM | 5.5 MEDIUM |
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. | |||||
CVE-2010-3293 | 1 Mailscanner | 1 Mailscanner | 2019-10-30 | 2.1 LOW | 5.5 MEDIUM |
mailscanner can allow local users to prevent virus signatures from being updated | |||||
CVE-2014-2304 | 1 Projectfloodlight | 1 Open Sdn Controller | 2019-10-30 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service. This effect is the result of a flaw in OpenFlow protocol processing, where specific malformed and mistimed FEATURES_REPLY messages cause the controller service to not delete switch and port data from its internal tracking structures. | |||||
CVE-2018-12153 | 1 Intel | 1 Graphics Driver | 2019-10-30 | 4.9 MEDIUM | 6.5 MEDIUM |
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially crash the host system via local access. | |||||
CVE-2010-4239 | 1 Tiki | 1 Tikiwiki Cms/groupware | 2019-10-29 | 7.5 HIGH | 9.8 CRITICAL |
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion | |||||
CVE-2019-3982 | 1 Tenable | 1 Nessus | 2019-10-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. An authenticated, remote attacker could potentially exploit this vulnerability to cause a Nessus scanner to become temporarily unresponsive. | |||||
CVE-2013-7333 | 1 Projectfloodlight | 1 Open Sdn Controller | 2019-10-25 | 7.8 HIGH | 7.5 HIGH |
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch. | |||||
CVE-2013-4238 | 3 Canonical, Opensuse, Python | 3 Ubuntu Linux, Opensuse, Python | 2019-10-25 | 4.3 MEDIUM | N/A |
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |