Lucene search

958 matches found

UbuntuCve
added 2015/01/14 12:0 a.m. | 33 views

CVE-2014-8637

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

5 CVSS | 6.9 AI score | 0.00489 EPSS
Exploits 0 | References 3

NVD
added 2014/10/15 10:55 a.m. | 12 views

CVE-2014-1580

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...

5 CVSS | 5.9 AI score | 0.00456 EPSS
Exploits 0 | References 13

Prion
added 2014/10/15 10:55 a.m. | 25 views

Information disclosure

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...

5 CVSS | 6.4 AI score | 0.00456 EPSS
Exploits 0 | References 13 | Affected Software 1

OSV
added 2014/10/14 12:0 a.m. | 0 views

UBUNTU-CVE-2014-1580

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...

5 CVSS | 6.9 AI score | 0.00456 EPSS
Exploits 0 | References 4

NVD
added 2014/09/18 10:55 a.m. | 16 views

CVE-2014-4421

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371,...

1.9 CVSS | 4.8 AI score | 0.00078 EPSS
Exploits 0 | References 12

NVD
added 2014/09/18 10:55 a.m. | 19 views

CVE-2014-4419

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371,...

1.9 CVSS | 4.8 AI score | 0.00078 EPSS
Exploits 0 | References 12

NVD
added 2014/09/18 10:55 a.m. | 16 views

CVE-2014-4407

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls...

4.3 CVSS | 2.6 AI score | 0.00215 EPSS
Exploits 0 | References 10

Prion
added 2014/09/18 10:55 a.m. | 29 views

Design/Logic Flaw

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371,...

1.9 CVSS | 4.9 AI score | 0.00078 EPSS
Exploits 0 | References 12 | Affected Software 3

CVE
added 2014/09/18 10:0 a.m. | 58 views

CVE-2014-4419

CVE-2014-4419: Kernel memory disclosure via uninitialized memory in the Apple OS X/iOS network statistics interface (kernel). The issue allows a crafted application to obtain sensitive memory content and memory-layout information. Affected platform references in the public data point to OS X kern...

1.9 CVSS | 3.6 AI score | 0.00078 EPSS
Exploits 0 | References 12 | Affected Software 1

CVE
added 2014/09/18 10:0 a.m. | 66 views

CVE-2014-4420

The CVE-2014-4420 entry describes a kernel memory initialization flaw in the network-statistics interface of Apple iOS (pre-8) and Apple TV (pre-7). A crafted application could leak memory contents and layout information from the kernel, similarly to other CVEs in the bundle. The root cause is me...

1.9 CVSS | 3.6 AI score | 0.00078 EPSS
Exploits 0 | References 12 | Affected Software 1

NVD
added 2014/09/03 10:55 a.m. | 18 views

CVE-2014-1564

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...

4.3 CVSS | 5.9 AI score | 0.13912 EPSS
Exploits 1 | References 16

Cvelist
added 2014/09/03 10:0 a.m. | 27 views

CVE-2014-1564

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...

8.9 AI score | 0.13912 EPSS
Exploits 1 | References 16

Tenable Nessus
added 2014/09/03 12:0 a.m. | 47 views

Firefox ESR 31.x < 31.1 Multiple Vulnerabilities (Mac OS X)

The version of Firefox ESR 31.x installed on the remote Mac OS X host is prior to 31.1. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary...

10 CVSS | 7.3 AI score | 0.13912 EPSS
Exploits 1 | References 12

UbuntuCve
added 2014/09/02 12:0 a.m. | 33 views

CVE-2014-1564

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...

4.3 CVSS | 6.9 AI score | 0.13912 EPSS
Exploits 1 | References 4

seebug.org
added 2014/07/01 12:0 a.m. | 16 views

Linux Kernel 2.6.x 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using it in a user-accessible operation. Successful exploits will allow...

7.1 AI score
Exploits 0

NVD
added 2013/11/08 3:55 p.m. | 15 views

CVE-2013-4548

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6 CVSS | 6.1 AI score | 0.00305 EPSS
Exploits 1 | References 5

OSV
added 2013/11/08 3:55 p.m. | 4 views

CVE-2013-4548

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6 AI score
Exploits 0 | References 5

Debian CVE
added 2013/11/08 3:0 p.m. | 15 views

CVE-2013-4548

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6 CVSS | 6 AI score | 0.00305 EPSS
Exploits 1

CVE
added 2013/11/08 3:0 p.m. | 244 views

CVE-2013-4548

CVE-2013-4548 affects OpenSSH sshd 6.2/6.3 when using AES-GCM. The bug is in mm_newkeys_from_blob (monitor_wrap.c) where memory for a MAC context isn’t initialized, allowing remote authenticated users to bypass ForceCommand and login-shell restrictions via crafted packet data. Several connected s...

6 CVSS | 6 AI score | 0.00305 EPSS
Exploits 1 | References 5 | Affected Software 1

UbuntuCve
added 2013/11/08 12:0 a.m. | 20 views

CVE-2013-4548

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6 CVSS | 7.2 AI score | 0.00305 EPSS
Exploits 1 | References 3