Lucene search
K

3839 matches found

OpenVAS
OpenVAS
added 2014/10/20 12:0 a.m.30 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Oct 2014) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.6AI score0.04991EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2014/10/16 11:12 p.m.4 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/16 11:2 p.m.4 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
OSV
OSV
added 2014/10/15 2:27 p.m.5 views

USN-2373-1 thunderbird vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service vi...

7.5CVSS7.4AI score0.04991EPSS
Exploits0References8
Prion
Prion
added 2014/10/15 10:55 a.m.22 views

Design/Logic Flaw

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and...

7.5CVSS8AI score0.03978EPSS
Exploits0References27Affected Software3
CVE
CVE
added 2014/10/15 10:0 a.m.142 views

CVE-2014-1581

CVE-2014-1581 is a use-after-free in DirectionalityUtils.cpp that affects Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2. The vulnerability allows a remote attacker to execute arbitrary code via text handling during directionality resolution and layout...

7.5CVSS9.6AI score0.03978EPSS
Exploits0References27Affected Software1
Cvelist
Cvelist
added 2014/10/15 10:0 a.m.25 views

CVE-2014-1581

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and...

9.7AI score0.03978EPSS
Exploits0References27
RedHat Linux
RedHat Linux
added 2014/10/15 3:3 a.m.5 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/15 2:39 a.m.3 views

Mozilla: Use-after-free interacting with text directionality (MFSA 2014-79)

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and...

7.5CVSS7.3AI score0.03978EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/15 2:9 a.m.4 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/15 1:26 a.m.4 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/14 8:47 p.m.4 views

ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D...

5CVSS6.7AI score0.04053EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2014/10/14 5:22 p.m.59 views

USN-2372-1: Firefox vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

7.5CVSS8.5AI score0.0527EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/10/14 12:0 a.m.27 views

CVE-2014-1581

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and...

7.5CVSS7.3AI score0.03978EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/09 1:9 p.m.36 views

xen: security and bugfix update (important)

XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...

8.3CVSS1.1AI score0.04554EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2014/10/02 6:40 p.m.7 views

bash: off-by-one error in deeply nested flow control constructs

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...

10CVSS6.9AI score0.58462EPSS
Exploits12References4
Zero Day Initiative
Zero Day Initiative
added 2014/10/01 12:0 a.m.24 views

Microsoft Internet Explorer Layout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.5AI score0.08537EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/09/26 5:58 p.m.6 views

bash: off-by-one error in deeply nested flow control constructs

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...

10CVSS7AI score0.58462EPSS
Exploits12References4
RedHat Linux
RedHat Linux
added 2014/09/26 1:46 a.m.8 views

bash: off-by-one error in deeply nested flow control constructs

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...

10CVSS7AI score0.58462EPSS
Exploits12References4
NVD
NVD
added 2014/09/18 10:55 a.m.30 views

CVE-2014-4419

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371,...

1.9CVSS4.8AI score0.00387EPSS
Exploits0References12
Rows per page
Query Builder