Total
31903 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9216 | 1 Qualcomm | 44 Mdm9206, Mdm9206 Firmware, Mdm9607 and 41 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, improper handling of simultaneous interrupt in USB module during USB RESET and EP COMPLETE. | |||||
| CVE-2015-4952 | 1 Ibm | 1 Endpoint Manager For Remote Control | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 and 9.1.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. IBM X-Force ID: 105196. | |||||
| CVE-2015-3641 | 1 Bitcoin | 1 Bitcoin Core | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack. | |||||
| CVE-2015-3159 | 1 Redhat | 1 Automatic Bug Reporting Tool | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges. | |||||
| CVE-2015-2929 | 1 Torproject | 1 Tor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor. | |||||
| CVE-2015-2928 | 1 Torproject | 1 Tor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. | |||||
| CVE-2015-2179 | 1 Xaviershay-dm-rails Porject | 1 Xaviershay-dm-rails | 2024-11-21 | N/A | 5.5 MEDIUM |
| The xaviershay-dm-rails gem 0.10.3.8 for Ruby allows local users to discover MySQL credentials by listing a process and its arguments. | |||||
| CVE-2015-10085 | 1 Gopistolet Project | 1 Gopistolet | 2024-11-21 | 2.7 LOW | 3.5 LOW |
| A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as b91aa4674d460993765884e8463c70e6d886bc90. It is recommended to apply a patch to fix this issue. VDB-221506 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-10002 | 1 Kiddoware | 1 Kids Place | 2024-11-21 | 2.1 LOW | 5.3 MEDIUM |
| A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component. | |||||
| CVE-2014-9908 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558). | |||||
| CVE-2014-9530 | 1 Nwjs | 1 Nw | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact. | |||||
| CVE-2014-6059 | 1 Vasyltech | 1 Advanced Access Manager | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability | |||||
| CVE-2014-5329 | 1 Tripodworks | 6 Gigapod 2010, Gigapod 2010 Firmware, Gigapod 3 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
| GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition. | |||||
| CVE-2014-5278 | 1 Docker | 1 Docker | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs. | |||||
| CVE-2014-5013 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383. | |||||
| CVE-2014-5012 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| DOMPDF before 0.6.2 allows denial of service. | |||||
| CVE-2014-4968 | 1 Boatmob | 1 Boat Browser | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636. | |||||
| CVE-2014-3979 | 1 Bytemark | 1 Symbiosis | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Bytemark Symbiosis allows remote attackers to cause a denial of service via a crafted username, which triggers the firewall to blacklist the IP. | |||||
| CVE-2014-3539 | 1 Rope Project | 1 Rope | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load. | |||||
| CVE-2014-125102 | 1 Bestwebsoft | 1 Relevant | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 1.0.8 is able to address this issue. The identifier of the patch is 860d1891025548cf0f5f97364c1f51a888f523c3. It is recommended to upgrade the affected component. The identifier VDB-230113 was assigned to this vulnerability. | |||||