461 matches found
CVE-2016-9957
Summary: CVE-2016-9957 corresponds to a stack-based buffer overflow in the Game Music Emu library prior to version 0.6.1. Multiple connected advisories (Gentoo GLSA-201707-02, Fedora advisories) describe a remotely triggerable condition: a user could be enticed to open a specially crafted SPC mus...
CVE-2008-0063
CVE-2008-0063 affects MIT Kerberos 5 (krb5kdc) where Kerberos v4 support leaves an unused buffer uncleared when generating error messages. This can allow remote attackers to read sensitive information from memory. Public advisories across multiple vendors (e.g., MiracleLinux AXSA-2008-345/AXSA-20...
CVE-2016-4123
CVE-2016-4123 is part of the Adobe Flash Player vulnerabilities addressed in the APSB16-18 update. The connected sources show multiple Linux distribution advisories (openSUSE, SUSE, Alt Linux, Arch Linux) referencing CVE-2016-4123 among others and noting a security fix via Flash Player update to ...
CVE-2016-4134
CVE-2016-4134 is an Adobe Flash Player vulnerability that was addressed as part of the APSB16-18 bulletin. Several connected advisories indicate the fix was delivered by upgrading Flash Player to 11.2.202.626 (e.g., SUSE/openSUSE updates, ALT Linux packages, and Red Hat advisories). The provided ...
CVE-2016-4136
CVE-2016-4136 is an Adobe Flash Player vulnerability affecting Flash libraries used in Microsoft Internet Explorer 10/11 and Edge. Connected sources describe it as a heap-based buffer overflow/memory corruption flaw that can lead to arbitrary code execution. Impact is described as code execution ...
CVE-2016-4132
CVE-2016-4132 corresponds to an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries in IE10/IE11 and Edge, with unknown impact in the initial entry but later connected advisories list multiple memory corruption/code-execution related CVEs. Connected...
CVE-2016-4124
The CVE-2016-4124 entry refers to multiple vulnerabilities in Adobe Flash Player (11.x era) affecting the Flash runtime used by browsers (e.g., in Internet Explorer and Edge) with various CVEs listed in the 2016-4122…4171 range. Connected advisories show remediation via updates to Flash Player 11...
CVE-2016-4129
CVE-2016-4129 is part of Adobe Flash Player updates delivered via the 11.2.202.626 patch (APSb16-18) used in Flash libraries in browsers. The connected sources enumerate multiple vulnerabilities in Flash Player (CVE-2016-4122, -4123, -4124, -4125, -4127, -4128, -4129, -4130, -4131, -4132, -4133, ...
CVE-2016-4140
CVE-2016-4140 is a directory search path vulnerability in the Adobe Flash Library used by Flash Player in Internet Explorer 10/11 and Microsoft Edge that could lead to arbitrary code execution. The issue affects Adobe Flash Player 21.0.0.242 and earlier (as used within IE/Edge). Publicly document...
CVE-2016-4145
CVE-2016-4145 is tied to Adobe Flash Player used in Internet Explorer 10/11 and Edge. The connected sources show this CVE as part of a broader set of Flash vulnerabilities (CVE-2016-4122 through CVE-2016-4148) patched by Adobe in APSB16-18, with open-source advisories from SUSE/OpenSUSE and Red H...
CVE-2011-1477
CVE-2011-1477 affects the Linux kernel (sound/oss/opl3.c) through multiple array index errors before 2.6.39. These flaws allow local users to cause a denial of service via heap memory corruption and, potentially, gain privileges by writing to /dev/sequencer. The issue is tied to Yamaha YM3812/OPL...
CVE-2012-4217
CVE-2012-4217 is a use-after-free in Mozilla Firefox <17.0, Thunderbird <17.0, and SeaMonkey
CVE-2014-1494
CVE-2014-1494 concerns multiple memory-safety vulnerabilities in the browser engine of Mozilla Firefox prior to 28.0 and SeaMonkey prior to 2.25, with remote denial of service or potential arbitrary code execution via unknown vectors. The connected docs confirm that these issues are part of MFSA ...
CVE-2014-6474
The CVE-2014-6474 entry concerns Oracle MySQL Server 5.6.19 and earlier. It is described as an unspecified vulnerability that remote authenticated users can exploit to affect availability via vectors related to SERVER:MEMCACHED. The NVD metadata shows a base score of 3.5 (LOW) with CVSS2 metrics:...
CVE-2016-4130
CVE-2016-4130 is an Adobe Flash Player vulnerability referenced in multiple advisories (e.g., SUSE/openSUSE, Red Hat) as part of the 2016-06 APSB16-18 update. The affected component is Flash Player as embedded in browsers (e.g., IE/Edge/Flash plugins). Remediation in the connected documents shows...
CVE-2016-4144
CVE-2016-4144 is an Adobe Flash Player vulnerability described as a type confusion issue in Flash Player 21.0.0.242 and earlier, used within the Flash libraries in Microsoft Internet Explorer 10/11 and Microsoft Edge, with unspecified impact and attack vectors. Public advisories and security bull...
CVE-2012-4195
CVE-2012-4195 concerns Mozilla Firefox (and related Mozilla components) where nsLocation::CheckURL does not correctly determine the calling document/principal, enabling cross-site scripting (XSS) via crafted sites and certain add-on behaviors. Affected products/versions include Firefox before 16....
CVE-2014-2484
Technical details for CVE-2014-2484 are not provided in the connected documents; references show a MySQL issue affecting confidentiality, integrity, and availability but do not specify root cause, affected versions, exploitation, or fixes.
CVE-2016-4122
CVE-2016-4122 concerns Adobe Flash Player/Flash plugin. Connected advisories cite multiple vendors (openSUSE/SUSE, Red Hat, ALT Linux, arch linux) reporting this CVE along with related ones (4123–4129, 4130–4132, 4133–4137, 4138–4148, 4150–4171). The vulnerability set includes memory corruption, ...
CVE-2016-4143
CVE-2016-4143 is part of a set of Flash Player vulnerabilities addressed in 2016 advisories. The connected documents identify it as a memory corruption issue in Adobe Flash Player components (used with IE/Edge) that could lead to arbitrary code execution. The Mageia advisory explicitly groups CVE...
CVE-2016-9958
CVE-2016-9958 affects Game Music Emu, prior to version 0.6.1. The vulnerability enables a remote attacker to cause arbitrary memory writes, potentially enabling arbitrary code execution or DoS when opening a crafted SPC file. Public sources (Gentoo GLSA 201707-02 and related advisories) instruct ...
CVE-2013-2728
CVE-2013-2728 concerns Adobe Flash Player (and AIR) with a memory-corruption based vulnerability that could allow arbitrary code execution or a denial of service via unspecified vectors. The initial description lists affected versions: Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 ...
CVE-2014-4214
Technical details for CVE-2014-4214 are not publicly available in the provided documents. Monitor for updates.
CVE-2016-4128
CVE-2016-4128 is listed as part of the Adobe Flash Player fixes in the APSB16-18 update. The connected sources describe multiple CVEs addressed by this update and indicate that distributions such as openSUSE, SUSE, ALT Linux, and Red Hat released security updates to Flash Player, upgrading to ver...
CVE-2010-2538
CVE-2010-2538: Integer overflow in btrfs_ioctl_clone (fs/btrfs/ioctl.c) of the Linux kernel before 2.6.35 may allow local users to obtain sensitive information via BTRFS_IOC_CLONE_RANGE. Public references confirm impact on local privilege/user data exposure with no remote vector. Affected compone...
CVE-2016-4127
CVE-2016-4127 is part of a set of Flash Player vulnerabilities documented across multiple advisories (e.g., APSB16-18) affecting Adobe Flash Player used in Internet Explorer 10/11 and Edge. Connected sources indicate this family includes CVEs such as 2016-4122, 4123, 4124, 4125, 4127, 4128, 4129,...
CVE-2016-4147
CVE-2016-4147 is an Adobe Flash Player memory-corruption vulnerability reported in multiple advisories. Connected sources describe affected Flash Player components (ActiveX/NPAPI) and Flash libraries, with root causes including type confusion, use-after-free, heap-based and other memory-corruptio...
CVE-2006-7246
CVE-2006-7246 affects NetworkManager 0.9.x, where the code path used for 802.11X authentication does not pin a certificate’s subject to the ESSID. The root cause is a failure to bind the server certificate to the specific wireless network, potentially allowing credential exposure or man-in-the-mi...
CVE-2015-5969
CVE-2015-5969 involves the mysql-systemd-helper script in mysql-community-server and mariadb packages on openSUSE/OpenSUSE Leap/SLE. The issue allows local users to discover database credentials by listing a running process and its arguments. Affected packages/versions (from the Initial Descripti...
CVE-2015-8929
CVE-2015-8929 is a memory-leak vulnerability in libarchive’s tar parser (function __archive_read_get_extract in archive_read_extract2.c) that could allow a remote attacker to cause a denial of service by processing a crafted tar file, unless fixed. Public sources in connected documents confirm th...
CVE-2016-4131
CVE-2016-4131 is listed among the Flash Player vulnerabilities addressed by the 2016 APSB16-18 update (Adobe Flash Player security bulletin) affecting Flash Player in Windows IE/Edge and in Linux distributions’ packages. The connected documents corroborate that multiple CVEs, including CVE-2016-4...
CVE-2014-9852
ImageMagick vulnerability CVE-2014-9852 affects the ImageMagick code path distribute-cache.c, where objects are re-used after being destroyed. This can allow remote attackers to trigger unspecified impact via unspecified vectors. The initial entry notes a remote-exploit scenario with unspecified ...
CVE-2016-4155
CVE-2016-4155 describes an unspecified memory-corruption vulnerability in Adobe Flash Player 21.0.0.242 and earlier, when used within the Flash libraries in Internet Explorer 10/11 and Microsoft Edge. The connected HackerOne entry attributes the issue to ShimContentResolver.resolve() with resolve...
CVE-2012-2040
CVE-2012-2040 describes a local privilege escalation in the Adobe Flash Player installer caused by an untrusted search path that could allow a Trojan horse executable in an unspecified directory to run with elevated privileges. The affected products span multiple platforms: Flash Player before 10...
CVE-2016-4133
CVE-2016-4133 is an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries for Internet Explorer 10/11 and Edge. Connected documents indicate this CVE was addressed as part of Flash Player security updates across multiple distributions (e.g., ALT Linux...
CVE-2016-9959
CVE-2016-9959 affects Game Music Emu prior to 0.6.1. The vulnerability allows a remote attacker to cause out-of-bounds 8-bit values in SPC/music processing, as described by NVD. Consequences are stated as enabling potential arbitrary behavior from crafted inputs; exploitation details are not prov...
CVE-2016-4139
CVE-2016-4139 is an unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used in the Flash libraries for IE10/IE11 and Edge. Connected advisories associate this CVE with information disclosure and a same-origin policy bypass, and note that fixes exist (Adobe APSB16-18) along wi...
CVE-2012-3983
CVE-2012-3983 affects Mozilla Firefox (pre-16.0), Thunderbird (pre-16.0), and SeaMonkey (pre-2.13). Reported memory safety vulnerabilities could cause memory corruption and crashes and potentially allow arbitrary code execution via unknown vectors. Remediation evidenced in connected documents inc...
CVE-2012-5080
Technical details about CVE-2012-5080 are not provided in the supplied documents. Monitor for updates from official advisories.
CVE-2012-4212
Public technical details about CVE-2012-4212 are not disclosed in the provided documents. Monitoring for updates is advised.
CVE-2013-3332
Technical details are not publicly available in the provided documents. Monitor for updates from the sources; no specific affected products, versions, or fixes are disclosed here.
CVE-2013-3326
Technical details for CVE-2013-3326 are not publicly available in the provided connected documents; monitor for updates.
CVE-2013-3327
Technical details for CVE-2013-3327 are not publicly available in the provided connected documents. Please monitor for updates from official advisories; current sources here reference multiple related CVEs but provide no implementation specifics.
CVE-2013-3330
Technical details for CVE-2013-3330 are not publicly available in the provided connected documents; no affected products, exact vulnerability vectors, impact, or fixes are described here. Monitor for updates.
CVE-2014-2977
CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...
CVE-2012-4218
CVE-2012-4218 involves a use-after-free in Mozilla Firefox’s BuildTextRunsScanner::BreakSink::SetBreaks, affecting Firefox < 17.0, Thunderbird < 17.0, and SeaMonkey
CVE-2013-3325
Technical details for CVE-2013-3325 are not publicly available in the provided documents. The connected EUVD entries mention malware in sbrugna but do not specify affected product/version, root cause, impact, or remediation for this CVE. Monitor for updates.
CVE-2013-3333
Technical details for CVE-2013-3333 are not publicly available in the provided connected documents. Monitor for updates; no concrete product/version/impact data is disclosed here.
CVE-2015-2576
CVE-2015-2576 is a local, unspecified vulnerability in the MySQL Utilities component of Oracle MySQL (version 1.5.1 and earlier) when running on Windows. It allows local users to affect integrity via unknown vectors related to Installation. Affected product scope is Oracle MySQL Utilities bundled...
CVE-2013-3324
Technical details for CVE-2013-3324 are not publicly available in the provided documents. Monitor for updates and gather future information from linked sources.