Show filters
684 Total Results
Displaying 11-20 of 684
Sort by:
Attacker Value
Unknown
CVE-2015-7645
Disclosure Date: October 15, 2015 (last updated July 17, 2024)
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
1
Attacker Value
Unknown
CVE-2014-3566
Disclosure Date: October 15, 2014 (last updated November 25, 2024)
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
1
Attacker Value
Unknown
CVE-2014-1958
Disclosure Date: February 06, 2020 (last updated November 28, 2024)
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
0
Attacker Value
Unknown
CVE-2014-2030
Disclosure Date: February 06, 2020 (last updated November 28, 2024)
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
0
Attacker Value
Unknown
CVE-2013-3565
Disclosure Date: January 31, 2020 (last updated November 08, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.
0
Attacker Value
Unknown
CVE-2015-2325
Disclosure Date: January 14, 2020 (last updated November 28, 2024)
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
0
Attacker Value
Unknown
CVE-2015-2326
Disclosure Date: January 14, 2020 (last updated November 28, 2024)
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".
0
Attacker Value
Unknown
CVE-2014-3495
Disclosure Date: December 13, 2019 (last updated November 27, 2024)
duplicity 0.6.24 has improper verification of SSL certificates
0
Attacker Value
Unknown
CVE-2014-2387
Disclosure Date: December 13, 2019 (last updated November 27, 2024)
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities
0
Attacker Value
Unknown
CVE-2013-7370
Disclosure Date: December 11, 2019 (last updated November 27, 2024)
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware
0