CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Canonical : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2015-7545 20 Exec Code 2016-04-13 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.
352 CVE-2015-6826 20 DoS 2015-09-06 2018-12-21
7.5
None Remote Low Not required Partial Partial Partial
The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data.
353 CVE-2015-6824 20 DoS 2015-09-06 2018-12-21
7.5
None Remote Low Not required Partial Partial Partial
The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data.
354 CVE-2015-6820 119 DoS Overflow 2015-09-06 2018-12-21
7.5
None Remote Low Not required Partial Partial Partial
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted AAC data.
355 CVE-2015-6818 17 DoS 2015-09-06 2018-12-21
7.5
None Remote Low Not required Partial Partial Partial
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks.
356 CVE-2015-5312 399 DoS 2015-12-15 2019-03-08
7.1
None Remote Medium Not required None None Complete
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
357 CVE-2015-5277 119 DoS Overflow +Priv 2015-12-17 2017-07-01
7.2
None Local Low Not required Complete Complete Complete
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
358 CVE-2015-5260 119 DoS Exec Code Overflow Mem. Corr. 2016-06-07 2017-09-16
7.2
None Local Low Not required Complete Complete Complete
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
359 CVE-2015-5199 22 +Priv Dir. Trav. 2015-09-08 2016-12-22
7.2
None Local Low Not required Complete Complete Complete
Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.
360 CVE-2015-5198 264 +Priv 2015-09-08 2016-12-22
7.2
None Local Low Not required Complete Complete Complete
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable.
361 CVE-2015-5143 399 DoS 2015-07-14 2017-09-22
7.8
None Remote Low Not required None None Complete
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
362 CVE-2015-4492 Exec Code 2015-08-16 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
363 CVE-2015-4489 119 DoS Overflow Mem. Corr. 2015-08-16 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
364 CVE-2015-4488 2015-08-16 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
365 CVE-2015-4487 119 DoS Overflow Mem. Corr. 2015-08-16 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
366 CVE-2015-4475 119 DoS Exec Code Overflow 2015-08-16 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
367 CVE-2015-4047 476 DoS 2015-05-29 2019-03-27
7.8
None Remote Low Not required None None Complete
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
368 CVE-2015-3905 119 DoS Exec Code Overflow 2015-06-08 2016-12-31
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
369 CVE-2015-3416 119 DoS Overflow 2015-04-24 2018-07-19
7.5
None Remote Low Not required Partial Partial Partial
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
370 CVE-2015-3415 20 DoS 2015-04-24 2018-07-19
7.5
None Remote Low Not required Partial Partial Partial
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
371 CVE-2015-3414 20 DoS 2015-04-24 2018-07-19
7.5
None Remote Low Not required Partial Partial Partial
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
372 CVE-2015-3409 +Priv 2015-05-19 2017-11-04
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
373 CVE-2015-3333 DoS 2015-04-19 2017-01-03
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
374 CVE-2015-3308 DoS 2015-09-02 2016-12-22
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
375 CVE-2015-3279 189 DoS Exec Code Overflow 2015-07-14 2016-12-28
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
376 CVE-2015-3258 119 DoS Exec Code Overflow 2015-07-14 2016-12-28
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
377 CVE-2015-3209 787 Exec Code Overflow 2015-06-15 2020-09-09
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
378 CVE-2015-3166 119 Overflow +Info 2019-11-20 2019-11-22
7.5
None Remote Low Not required Partial Partial Partial
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
379 CVE-2015-3145 119 DoS Overflow 2015-04-24 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
380 CVE-2015-2775 22 Dir. Trav. 2015-04-13 2016-12-24
7.6
None Remote High Not required Complete Complete Complete
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
381 CVE-2015-2696 18 DoS 2015-11-09 2021-02-02
7.1
None Remote Medium Not required None None Complete
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.
382 CVE-2015-2301 DoS 2015-03-30 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
383 CVE-2015-2265 77 Exec Code 2015-03-24 2016-12-28
7.5
None Remote Low Not required Partial Partial Partial
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
384 CVE-2015-2238 DoS 2015-03-09 2016-11-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
385 CVE-2015-1779 400 DoS 2016-01-12 2020-09-09
7.8
None Remote Low Not required None None Complete
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
386 CVE-2015-1472 119 DoS Overflow 2015-04-08 2019-06-13
7.5
None Remote Low Not required Partial Partial Partial
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
387 CVE-2015-1395 22 Dir. Trav. 2017-08-25 2017-08-30
7.8
None Remote Low Not required None Complete None
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
388 CVE-2015-1346 DoS 2015-01-22 2017-09-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
389 CVE-2015-1344 264 +Priv 2015-12-07 2015-12-08
7.2
None Local Low Not required Complete Complete Complete
The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file.
390 CVE-2015-1341 264 2019-04-22 2019-05-07
7.2
None Local Low Not required Complete Complete Complete
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.
391 CVE-2015-1338 59 DoS +Priv 2015-10-01 2015-10-02
7.2
None Local Low Not required Complete Complete Complete
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
392 CVE-2015-1335 59 2015-10-01 2019-05-31
7.2
None Local Low Not required Complete Complete Complete
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
393 CVE-2015-1328 264 1 2016-11-28 2017-09-21
7.2
None Local Low Not required Complete Complete Complete
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
394 CVE-2015-1324 264 +Priv 2017-08-25 2017-08-30
7.2
None Local Low Not required Complete Complete Complete
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.
395 CVE-2015-1317 DoS Exec Code 2015-04-08 2015-09-29
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.
396 CVE-2015-1315 119 Exec Code Overflow 2015-02-23 2015-02-24
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
397 CVE-2015-1250 DoS 2015-05-01 2017-01-03
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
398 CVE-2015-1249 DoS 2015-04-19 2017-01-03
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
399 CVE-2015-1243 DoS 2015-05-01 2017-01-03
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered.
400 CVE-2015-1242 DoS 2015-04-19 2017-01-03
7.5
None Remote Low Not required Partial Partial Partial
The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization.
Total number of vulnerabilities : 563   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.