Search
Total
2614 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5145 | 1 Djangoproject | 1 Django | 2017-09-22 | 7.8 HIGH | N/A |
| validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | |||||
| CVE-2015-4280 | 1 Cisco | 1 Prime Collaboration | 2017-09-22 | 5.0 MEDIUM | N/A |
| Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844. | |||||
| CVE-2015-4275 | 1 Cisco | 1 Asr 5000 Series Software | 2017-09-22 | 5.0 MEDIUM | N/A |
| The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534. | |||||
| CVE-2015-5358 | 1 Juniper | 1 Junos | 2017-09-21 | 7.1 HIGH | N/A |
| Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.2X52 before 13.2X52-D25, 13.3 before 13.3R6, 14.1R3 before 14.1R3-S2, 14.1 before 14.1R4, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D16, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R2, and 15.1 before 15.1R1 allows remote attackers to cause a denial of service (mbuf and connection consumption and restart) via a large number of requests that trigger a TCP connection to move to the LAST_ACK state when there is more data to send. | |||||
| CVE-2015-4318 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2017-09-21 | 5.0 MEDIUM | N/A |
| Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528. | |||||
| CVE-2015-4317 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2017-09-21 | 5.0 MEDIUM | N/A |
| Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in an authentication packet, aka Bug ID CSCuv40469. | |||||
| CVE-2015-4277 | 1 Cisco | 12 Nexus 93120tx, Nexus 93128tx, Nexus 9332pq and 9 more | 2017-09-21 | 4.9 MEDIUM | N/A |
| The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842. | |||||
| CVE-2015-4296 | 1 Cisco | 11 Nexus 3016, Nexus 3048, Nexus 3064 and 8 more | 2017-09-21 | 5.0 MEDIUM | N/A |
| Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0(2)A6(1) allows remote attackers to cause a denial of service (Java process restart) via crafted connections to the Java application, aka Bug ID CSCut87006. | |||||
| CVE-2015-5747 | 1 Apple | 1 Mac Os X | 2017-09-21 | 4.9 MEDIUM | N/A |
| The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors. | |||||
| CVE-2015-0681 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-21 | 7.1 HIGH | N/A |
| The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733. | |||||
| CVE-2015-6277 | 1 Cisco | 7 1000v, Mds 9000, Nexus 3000 and 4 more | 2017-09-20 | 6.1 MEDIUM | N/A |
| The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292. | |||||
| CVE-2015-6270 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv6 packet, aka Bug ID CSCsv98555. | |||||
| CVE-2015-6271 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008. | |||||
| CVE-2015-6272 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064. | |||||
| CVE-2015-6268 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482. | |||||
| CVE-2015-6269 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted (1) IPv4 or (2) IPv6 packet, aka Bug ID CSCsw69990. | |||||
| CVE-2015-6267 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496. | |||||
| CVE-2015-6273 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2017-09-20 | 7.8 HIGH | N/A |
| Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623. | |||||
| CVE-2013-1686 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
| CVE-2013-2843 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data. | |||||
| CVE-2013-2909 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. | |||||
| CVE-2013-2861 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2839 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2903 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. | |||||
| CVE-2013-1681 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
| CVE-2013-2840 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. | |||||
| CVE-2013-2870 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. | |||||
| CVE-2013-2844 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution. | |||||
| CVE-2013-6625 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. | |||||
| CVE-2013-2846 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840. | |||||
| CVE-2013-2884 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. | |||||
| CVE-2013-2913 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. | |||||
| CVE-2013-2921 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. | |||||
| CVE-2013-2837 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2925 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object. | |||||
| CVE-2013-1722 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning. | |||||
| CVE-2013-1674 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video. | |||||
| CVE-2013-2926 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements. | |||||
| CVE-2013-1579 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 2.9 LOW | N/A |
| The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||||
| CVE-2013-2922 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element. | |||||
| CVE-2013-2841 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources. | |||||
| CVE-2013-2904 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. | |||||
| CVE-2013-4923 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. | |||||
| CVE-2013-4931 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector. | |||||
| CVE-2013-2910 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-4922 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-6624 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes. | |||||
| CVE-2013-1677 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2013-2911 | 1 Google | 1 Chrome | 2017-09-19 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions. | |||||
| CVE-2013-2918 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect handling of parent-child relationships for anonymous blocks. | |||||