Export limit exceeded: 24840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24840 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8736 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file. | ||||
| CVE-2015-8737 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | ||||
| CVE-2015-8738 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet. | ||||
| CVE-2015-8739 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||||
| CVE-2015-8740 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | ||||
| CVE-2015-8741 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2015-8742 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet. | ||||
| CVE-2015-8744 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-12 | 5.5 Medium |
| QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. | ||||
| CVE-2015-8747 | 1 Radicale | 1 Radicale | 2025-04-12 | N/A |
| The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. | ||||
| CVE-2015-8749 | 1 Openstack | 1 Nova | 2025-04-12 | N/A |
| The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors. | ||||
| CVE-2015-8760 | 1 Typo3 | 1 Typo3 | 2025-04-12 | N/A |
| The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing." | ||||
| CVE-2015-8790 | 1 Matroska | 1 Libebml | 2025-04-12 | N/A |
| The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | ||||
| CVE-2015-8791 | 1 Matroska | 1 Libebml | 2025-04-12 | N/A |
| The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. | ||||
| CVE-2015-8792 | 2 Matroska, Opensuse | 3 Libmatroska, Leap, Opensuse | 2025-04-12 | N/A |
| The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | ||||
| CVE-2015-8844 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-12 | N/A |
| The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | ||||
| CVE-2015-8853 | 2 Fedoraproject, Perl | 2 Fedora, Perl | 2025-04-12 | N/A |
| The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80." | ||||
| CVE-2015-8869 | 4 Fedoraproject, Ocaml, Opensuse and 1 more | 4 Fedora, Ocaml, Opensuse and 1 more | 2025-04-12 | N/A |
| OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function. | ||||
| CVE-2015-8873 | 3 Opensuse, Php, Redhat | 3 Leap, Php, Rhel Software Collections | 2025-04-12 | 7.5 High |
| Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls. | ||||
| CVE-2015-8879 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-12 | 7.5 High |
| The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table. | ||||
| CVE-2015-8899 | 2 Canonical, Thekelleys | 2 Ubuntu Linux, Dnsmasq | 2025-04-12 | N/A |
| Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. | ||||