Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying entries 1 - 10 of 55013 in total

DSA-2988-1 transmission -- security update Vulnerability

  • Severity: 4
  • Published: July 23, 2014

Ben Hawkes discovered that incorrect handling of peer messages in the Transmission bittorrent client could result in denial of service or the execution of arbitrary code.

USN-2297-1: acpi-support vulnerability Vulnerability

  • Severity: 7
  • Published: July 23, 2014

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

DSA-2984-1 acpi-support -- security update Vulnerability

  • Severity: 7
  • Published: July 23, 2014

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

USN-2300-1: LZO vulnerability Vulnerability

  • Severity: 4
  • Published: July 23, 2014

Don A. Bailey discovered that LZO incorrectly handled certain input data.An attacker could use this issue to cause LZO to crash, resulting in adenial of service, or possibly execute arbitrary code. The problem can be corrected by updating your system to the following package version: To update your system, please follow these instructio...

FreeBSD: bugzilla -- Cross Site Request Forgery (CVE-2014-1546) Vulnerability

  • Severity: 4
  • Published: July 23, 2014

A Bugzilla Security Advisory reports: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT element with SWF content sat...

USN-2296-1: Thunderbird vulnerabilities Vulnerability

  • Severity: 10
  • Published: July 22, 2014

Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

MFSA2014-64 Firefox: Crash in Skia library when scaling high quality images (CVE-2014-1557) Vulnerability

  • Severity: 9
  • Published: July 22, 2014

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by sc...