Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18659 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18659 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2038 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2025-04-12 | N/A |
| The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file. | ||||
| CVE-2014-1874 | 4 Canonical, Linux, Redhat and 1 more | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-12 | N/A |
| The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. | ||||
| CVE-2016-1018 | 6 Adobe, Apple, Google and 3 more | 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more | 2025-04-12 | 8.8 High |
| Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data. | ||||
| CVE-2016-1021 | 6 Adobe, Apple, Google and 3 more | 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more | 2025-04-12 | 8.8 High |
| Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. | ||||
| CVE-2016-1022 | 6 Adobe, Apple, Google and 3 more | 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more | 2025-04-12 | 8.8 High |
| Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. | ||||
| CVE-2014-1715 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | ||||
| CVE-2014-1714 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. | ||||
| CVE-2016-1026 | 6 Adobe, Apple, Google and 3 more | 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more | 2025-04-12 | 8.8 High |
| Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. | ||||
| CVE-2014-9751 | 6 Apple, Debian, Linux and 3 more | 9 Macos, Debian Linux, Linux Kernel and 6 more | 2025-04-12 | N/A |
| The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address. | ||||
| CVE-2016-0774 | 3 Google, Linux, Redhat | 4 Android, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805. | ||||
| CVE-2016-0758 | 3 Canonical, Linux, Redhat | 12 Ubuntu Linux, Linux Kernel, Enterprise Linux and 9 more | 2025-04-12 | 7.8 High |
| Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. | ||||
| CVE-2015-8641 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | ||||
| CVE-2015-8640 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | ||||
| CVE-2015-8639 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | ||||
| CVE-2014-1713 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. | ||||
| CVE-2014-1690 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Mrg | 2025-04-12 | N/A |
| The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature. | ||||
| CVE-2016-0960 | 7 Adobe, Apple, Google and 4 more | 16 Air, Air Desktop Runtime, Air Sdk and 13 more | 2025-04-12 | 8.8 High |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | ||||
| CVE-2014-4608 | 5 Canonical, Linux, Opensuse and 2 more | 7 Ubuntu Linux, Linux Kernel, Opensuse and 4 more | 2025-04-12 | 7.3 High |
| Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype. | ||||
| CVE-2014-0892 | 2 Ibm, Linux | 3 Lotus Domino, Lotus Notes, Linux Kernel | 2025-04-12 | N/A |
| IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W. | ||||
| CVE-2015-8638 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650. | ||||