Total
1465 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3296 | 5 Canonical, Debian, Linux and 2 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-04-11 | 2.1 LOW | N/A |
| The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call. | |||||
| CVE-2011-3038 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. | |||||
| CVE-2012-5138 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. | |||||
| CVE-2013-2486 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2025-04-11 | 6.1 MEDIUM | N/A |
| The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. | |||||
| CVE-2013-4081 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
| The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. | |||||
| CVE-2013-6644 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2012-0449 | 4 Debian, Mozilla, Opensuse and 1 more | 8 Debian Linux, Firefox, Seamonkey and 5 more | 2025-04-11 | 9.3 HIGH | N/A |
| Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. | |||||
| CVE-2013-0766 | 5 Canonical, Mozilla, Opensuse and 2 more | 14 Ubuntu Linux, Firefox, Seamonkey and 11 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
| CVE-2012-3972 | 6 Canonical, Debian, Mozilla and 3 more | 15 Ubuntu Linux, Debian Linux, Firefox and 12 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read. | |||||
| CVE-2013-6394 | 2 Opensuse, Percona | 2 Opensuse, Xtrabackup | 2025-04-11 | 2.1 LOW | N/A |
| Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks. | |||||
| CVE-2013-0833 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing. | |||||
| CVE-2012-4195 | 5 Canonical, Mozilla, Opensuse and 2 more | 13 Ubuntu Linux, Firefox, Seamonkey and 10 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. | |||||
| CVE-2013-6650 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
| The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages." | |||||
| CVE-2013-5619 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | |||||
| CVE-2012-5656 | 4 Canonical, Fedoraproject, Inkscape and 1 more | 4 Ubuntu Linux, Fedora, Inkscape and 1 more | 2025-04-11 | 2.1 LOW | 5.5 MEDIUM |
| The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. | |||||
| CVE-2012-3968 | 5 Canonical, Mozilla, Opensuse and 2 more | 14 Ubuntu Linux, Firefox, Seamonkey and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor. | |||||
| CVE-2010-3861 | 4 Canonical, Linux, Opensuse and 1 more | 6 Ubuntu Linux, Linux Kernel, Opensuse and 3 more | 2025-04-11 | 2.1 LOW | N/A |
| The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478. | |||||
| CVE-2012-2865 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | |||||
| CVE-2013-3330 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | |||||
| CVE-2012-1185 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2025-04-11 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247. | |||||