Total
12922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-0354 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-20 | N/A |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under raised IRQL which may lead to a denial of service. | ||||
| CVE-2014-8323 | 1 Aircrack-ng | 1 Aircrack-ng | 2025-04-20 | N/A |
| buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter. | ||||
| CVE-2017-15667 | 1 Flexense | 1 Sysgauge | 2025-04-20 | N/A |
| In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221. | ||||
| CVE-2017-5089 | 3 Apple, Google, Redhat | 6 Macos, Chrome, Enterprise Linux Desktop and 3 more | 2025-04-20 | 6.5 Medium |
| Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name. | ||||
| CVE-2017-17997 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | ||||
| CVE-2017-5601 | 1 Libarchive | 1 Libarchive | 2025-04-20 | N/A |
| An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. | ||||
| CVE-2010-1821 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-20 | N/A |
| Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | ||||
| CVE-2017-5858 | 1 Conversejs | 1 Converse.js | 2025-04-20 | N/A |
| An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Converse.js (0.8.0 - 1.0.6, 2.0.0 - 2.0.4). | ||||
| CVE-2015-9033 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer. | ||||
| CVE-2014-9962 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. | ||||
| CVE-2017-5105 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 6.5 Medium |
| Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | ||||
| CVE-2016-7742 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "xar" component, which allows remote attackers to execute arbitrary code via a crafted archive that triggers use of uninitialized memory locations. | ||||
| CVE-2014-0219 | 1 Apache | 1 Karaf | 2025-04-20 | N/A |
| Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports. | ||||
| CVE-2014-9933 | 1 Google | 1 Android | 2025-04-20 | N/A |
| Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | ||||
| CVE-2014-9809 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 5.5 Medium |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | ||||
| CVE-2015-0574 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient. | ||||
| CVE-2016-10222 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | ||||
| CVE-2017-5872 | 1 Unisys | 1 Clearpath Mcp | 2025-04-20 | N/A |
| The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump. | ||||
| CVE-2016-10338 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. | ||||
| CVE-2017-9538 | 1 Solarwinds | 1 Network Performance Monitor | 2025-04-20 | N/A |
| The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the entire web application) via a ".." in the path field. In other words, the denial of service is caused by an incorrect implementation of a directory-traversal protection mechanism. | ||||