Total
13646 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8863 | 2 Jq Project, Opensuse | 3 Jq, Leap, Opensuse | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow. | |||||
| CVE-2015-8843 | 1 Foxitsoftware | 1 Foxit Reader | 2026-06-17 | 6.9 MEDIUM | 7.4 HIGH |
| The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption. | |||||
| CVE-2015-8837 | 3 Debian, Fedoraproject, Fuseiso Project | 3 Debian Linux, Fedora, Fuseiso | 2026-06-17 | 6.8 MEDIUM | 7.3 HIGH |
| Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file. | |||||
| CVE-2015-8836 | 2 Fedoraproject, Fuseiso Project | 2 Fedora, Fuseiso | 2026-06-17 | 6.8 MEDIUM | 7.3 HIGH |
| Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow. | |||||
| CVE-2015-8808 | 3 Fedoraproject, Graphicsmagick, Suse | 5 Fedora, Graphicsmagick, Linux Enterprise Debuginfo and 2 more | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. | |||||
| CVE-2015-8792 | 2 Matroska, Opensuse | 3 Libmatroska, Leap, Opensuse | 2026-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | |||||
| CVE-2015-8779 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name. | |||||
| CVE-2015-8778 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access. | |||||
| CVE-2015-8773 | 1 Mcafee | 1 File Lock | 2026-06-17 | 7.8 HIGH | 7.5 HIGH |
| Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call. | |||||
| CVE-2015-8764 | 1 Freeradius | 1 Freeradius | 2026-06-17 | 6.8 MEDIUM | 8.1 HIGH |
| Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow. | |||||
| CVE-2015-8726 | 1 Wireshark | 1 Wireshark | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. | |||||
| CVE-2015-8725 | 1 Wireshark | 1 Wireshark | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | |||||
| CVE-2015-8723 | 1 Wireshark | 1 Wireshark | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | |||||
| CVE-2015-8713 | 1 Wireshark | 1 Wireshark | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | |||||
| CVE-2015-8710 | 2 Debian, Xmlsoft | 2 Debian Linux, Libxml2 | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment. | |||||
| CVE-2015-8708 | 1 Claws-mail | 1 Claws-mail | 2026-06-17 | 7.5 HIGH | 7.3 HIGH |
| Stack-based buffer overflow in the conv_euctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614. | |||||
| CVE-2015-8683 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image. | |||||
| CVE-2015-8676 | 1 Huawei | 22 S2300, S2300 Firmware, S2350ei and 19 more | 2026-06-17 | 7.8 HIGH | 7.5 HIGH |
| Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets. | |||||
| CVE-2015-8665 | 1 Libtiff | 1 Libtiff | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image. | |||||
| CVE-2015-8663 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | 7.5 HIGH | 8.3 HIGH |
| The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. | |||||
