Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SuseLinux Enterprise Desktop

66 matches found

cve
cveadded 2014/06/05 8:55 p.m.87 views

CVE-2014-3468

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

7.5CVSS5.8AI score0.07656EPSS
cve
cveadded 2014/03/19 10:55 a.m.83 views

CVE-2014-1504

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart...

2.6CVSS8.1AI score0.00606EPSS
cve
cveadded 2014/02/06 5:44 a.m.82 views

CVE-2014-1485

The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient sty...

7.5CVSS9.4AI score0.00964EPSS
cve
cveadded 2014/10/15 10:55 a.m.79 views

CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code ...

9.3CVSS7.6AI score0.8933EPSS
cve
cveadded 2014/06/05 8:55 p.m.78 views

CVE-2014-3469

The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.

5CVSS5.6AI score0.06235EPSS
cve
cveadded 2014/02/06 5:44 a.m.77 views

CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

5CVSS8.5AI score0.00632EPSS
cve
cveadded 2014/03/19 10:55 a.m.77 views

CVE-2014-1499

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

4.3CVSS9AI score0.00611EPSS
cve
cveadded 2014/10/15 10:55 a.m.75 views

CVE-2014-0564

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.15429EPSS
cve
cveadded 2014/10/15 10:55 p.m.71 views

CVE-2014-6564

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

4CVSS6.1AI score0.00615EPSS
cve
cveadded 2014/03/19 10:55 a.m.70 views

CVE-2014-1494

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS9.9AI score0.00485EPSS
cve
cveadded 2014/07/17 5:10 a.m.67 views

CVE-2014-2484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

6.5CVSS5.1AI score0.00834EPSS
cve
cveadded 2014/07/17 5:10 a.m.66 views

CVE-2014-4214

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

3.3CVSS5.1AI score0.00858EPSS
cve
cveadded 2014/10/15 3:55 p.m.66 views

CVE-2014-6474

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

3.5CVSS6.1AI score0.0037EPSS
cve
cveadded 2014/06/11 2:55 p.m.55 views

CVE-2014-2977

Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overfl...

10CVSS7.8AI score0.10198EPSS
cve
cveadded 2014/03/19 10:55 a.m.54 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

5.8CVSS8.9AI score0.00229EPSS
cve
cveadded 2014/06/11 2:55 p.m.51 views

CVE-2014-2978

The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

10CVSS7.6AI score0.08617EPSS
Total number of security vulnerabilities66