Total
12922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9538 | 1 Solarwinds | 1 Network Performance Monitor | 2025-04-20 | N/A |
| The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the entire web application) via a ".." in the path field. In other words, the denial of service is caused by an incorrect implementation of a directory-traversal protection mechanism. | ||||
| CVE-2015-7893 | 1 Samsung | 1 Galaxy S6 | 2025-04-20 | N/A |
| SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. | ||||
| CVE-2015-8762 | 1 Freeradius | 1 Freeradius | 2025-04-20 | N/A |
| The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet. | ||||
| CVE-2017-14961 | 1 Ikarussecurity | 1 Anti.virus | 2025-04-20 | N/A |
| In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. | ||||
| CVE-2017-0354 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2025-04-20 | N/A |
| All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under raised IRQL which may lead to a denial of service. | ||||
| CVE-2016-10338 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing. | ||||
| CVE-2015-9069 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted. | ||||
| CVE-2014-3651 | 1 Keycloak | 1 Keycloak | 2025-04-20 | N/A |
| JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a denial of service (resource consumption) via a large value in the size parameter to auth/qrcode, related to QR code generation. | ||||
| CVE-2017-5872 | 1 Unisys | 1 Clearpath Mcp | 2025-04-20 | N/A |
| The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump. | ||||
| CVE-2017-5858 | 1 Conversejs | 1 Converse.js | 2025-04-20 | N/A |
| An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Converse.js (0.8.0 - 1.0.6, 2.0.0 - 2.0.4). | ||||
| CVE-2015-4556 | 1 Call-cc | 1 Chicken | 2025-04-20 | N/A |
| The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2017-7428 | 1 Netiq | 1 Imanager | 2025-04-20 | N/A |
| NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat. | ||||
| CVE-2017-12869 | 2 Debian, Simplesamlphp | 2 Debian Linux, Simplesamlphp | 2025-04-20 | N/A |
| The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remote attackers to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input. | ||||
| CVE-2017-12859 | 1 Netapp | 1 Data Ontap | 2025-04-20 | N/A |
| NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2017-5601 | 1 Libarchive | 1 Libarchive | 2025-04-20 | N/A |
| An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. | ||||
| CVE-2016-10703 | 1 Ecstatic Project | 1 Ecstatic | 2025-04-20 | 7.5 High |
| A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string. | ||||
| CVE-2017-12802 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2025-04-20 | N/A |
| The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||||
| CVE-2015-9068 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated. | ||||
| CVE-2010-3050 | 1 Cisco | 1 Ios | 2025-04-20 | N/A |
| Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot). | ||||
| CVE-2017-17997 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343. | ||||