Export limit exceeded: 16022 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 12289 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12289 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9397 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | 7.5 High |
| The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | ||||
| CVE-2016-4859 | 1 Splunk | 1 Splunk | 2025-04-20 | N/A |
| Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.3 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2017-17853 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-20 | 7.8 High |
| kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations. | ||||
| CVE-2015-5171 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa | 2025-04-20 | 9.8 Critical |
| The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions. | ||||
| CVE-2017-1458 | 1 Ibm | 1 Qradar Network Security | 2025-04-20 | N/A |
| IBM QRadar Network Security 5.4 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128377. | ||||
| CVE-2015-5172 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa | 2025-04-20 | 9.8 Critical |
| Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links. | ||||
| CVE-2017-17446 | 1 Game-music-emu Project | 1 Game-music-emu | 2025-04-20 | N/A |
| The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka game-music-emu) 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | ||||
| CVE-2017-14609 | 1 Kannel | 1 Kannel | 2025-04-20 | N/A |
| The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by bearerbox. | ||||
| CVE-2017-14610 | 1 Bareos | 1 Bareos | 2025-04-20 | N/A |
| bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command. | ||||
| CVE-2017-1000061 | 2 Redhat, Xmlsec Project | 2 Enterprise Linux, Xmlsec | 2025-04-20 | N/A |
| xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service | ||||
| CVE-2016-8376 | 1 Kabona Ab | 1 Webdatorcentral | 2025-04-20 | N/A |
| An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. This non-validated redirect/non-validated forward (OPEN REDIRECT) allows chaining with authenticated vulnerabilities. | ||||
| CVE-2016-0721 | 3 Clusterlabs, Fedoraproject, Redhat | 3 Pcs, Fedora, Enterprise Linux | 2025-04-20 | N/A |
| Session fixation vulnerability in pcsd in pcs before 0.9.157. | ||||
| CVE-2016-10127 | 1 Pysaml2 Project | 1 Pysaml2 | 2025-04-20 | N/A |
| PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. | ||||
| CVE-2014-9942 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | ||||
| CVE-2015-7326 | 1 Milton | 1 Webdav | 2025-04-20 | N/A |
| XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3. | ||||
| CVE-2015-3880 | 1 Phpbb | 1 Phpbb | 2025-04-20 | N/A |
| Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2017-15207 | 1 Kanboard | 1 Kanboard | 2025-04-20 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user. | ||||
| CVE-2016-1213 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites. | ||||
| CVE-2017-15208 | 1 Kanboard | 1 Kanboard | 2025-04-20 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user. | ||||
| CVE-2017-15209 | 1 Kanboard | 1 Kanboard | 2025-04-20 | N/A |
| In Kanboard before 1.0.47, by altering form data, an authenticated user can remove attachments from a private project of another user. | ||||