Search
Total
2662 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4087 | 1 Huawei | 4 S12700, S12700 Firmware, S5700 and 1 more | 2016-05-25 | 5.1 MEDIUM | 8.1 HIGH |
| Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets. | |||||
| CVE-2015-7557 | 1 Gnome | 1 Librsvg | 2016-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document. | |||||
| CVE-2016-4425 | 1 Jansson Project | 1 Jansson | 2016-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data. | |||||
| CVE-2015-5726 | 2 Botan Project, Debian | 2 Botan, Debian Linux | 2016-05-16 | 5.0 MEDIUM | 7.5 HIGH |
| The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data. | |||||
| CVE-2016-4535 | 1 Mcafee | 1 Livesafe | 2016-05-10 | 7.8 HIGH | 7.5 HIGH |
| Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable. | |||||
| CVE-2016-2145 | 2 Fedoraproject, Uninett | 2 Fedora, Mod Auth Mellon | 2016-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmentation fault and process crash) via a crafted POST data. | |||||
| CVE-2016-3678 | 1 Huawei | 10 S5300, S5300 Firmware, S5700 and 7 more | 2016-04-14 | 7.8 HIGH | 7.5 HIGH |
| Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. | |||||
| CVE-2015-5042 | 1 Ibm | 1 Emptoris Contract Management | 2016-03-10 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file. | |||||
| CVE-2016-2537 | 1 Is My Json Valid Project | 1 Is My Json Valid | 2016-02-29 | 5.0 MEDIUM | 7.5 HIGH |
| The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via a crafted string. | |||||
| CVE-2016-1303 | 1 Cisco | 16 500 Series Switch Firmware, Sf500-24, Sf500-24p and 13 more | 2016-02-24 | 7.8 HIGH | 7.5 HIGH |
| The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330. | |||||
| CVE-2015-7754 | 1 Juniper | 1 Screenos | 2016-01-13 | 9.3 HIGH | 8.1 HIGH |
| Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation. | |||||
| CVE-2015-8331 | 1 Huawei | 1 Vcn500 | 2016-01-11 | 5.8 MEDIUM | 7.4 HIGH |
| The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attackers to conduct replay attacks via the session ID. | |||||