5956 matches found
UBUNTU-CVE-2015-7216
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image...
UBUNTU-CVE-2015-7217
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image...
Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2617 advisory.
- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
- fix CVE-2015-3196 - rac...
CVE-2015-7061
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060...
CVE-2015-7060
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061...
CVE-2015-7059
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061...
Memory corruption
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061...
CVE-2015-7060
CVE-2015-7060 targets Apple platforms with vulnerable ASN.1 decoding in OS X (pre-10.11.2), tvOS (pre-9.1), and watchOS (pre-2.1). A crafted certificate can trigger remote code execution or memory corruption (DoS). Root cause: ASN.1 decoder weakness. Affected components: OS X’s certificate handli...
CVE-2015-7061
CVE-2015-7061 affects Apple OS X prior to 10.11.2, tvOS prior to 9.1, and watchOS prior to 2.1. The issue stems from the ASN.1 decoder handling a crafted certificate, enabling remote code execution or memory corruption. This is a separate vulnerability from CVE-2015-7059 and CVE-2015-7060. Impact...
CVE-2015-7059
Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 are affected by CVE-2015-7059 via a flaw in the ASN.1 decoder that allows remote attackers to trigger memory corruption or arbitrary code execution through a crafted certificate. The report aggregates multiple CVEs in Apple’s 2015...
openSUSE Security Update : ffmpeg (openSUSE-2015-821)
The ffmpeg package was updated to version 2.8.2 to fix the following security and non-security issues:
- CVE-2015-8216: Fixed the ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c which could cause a denial of service (out-of-bounds array access) (bnc#955346).
- CVE-2015-8217: Fixed the...
libraw -- memory objects not properly initialized
ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8367, LibRaw's phase_one_correct function does not handle memory initialization correctly, which may cause other problems...
UBUNTU-CVE-2015-8363
The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or...
CVE-2015-8219
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JP...
DEBIAN-CVE-2015-7182
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly...
Heap overflow
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly...
CVE-2015-7182
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly...
UBUNTU-CVE-2015-7182
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly...