| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe capability before entering subscriptions to site-wide event-monitor rules, which allows remote authenticated users to obtain sensitive information via a subscription request. |
| D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor. |
| platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text. |
| The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file. |
| attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label. |
| platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different vulnerability than CVE-2015-1205. |
| The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript. |
| Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability." |
| The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. |
| The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144. |
| Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits. |
| Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device. |
| The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. |
| The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message. |
| Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors. |
| Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors. |
| Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing. |
| Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper. |
| conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet. |
| codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956. |