Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 1 - 10 of 55075 in total

SUSE Linux Security Advisory: CVE-2014-8627 Vulnerability

  • Severity: 4
  • Published: November 23, 2014

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Advisory: CVE-2014-8628 Vulnerability

  • Severity: 4
  • Published: November 23, 2014

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

FreeBSD: asterisk -- Multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 4
  • Published: November 20, 2014

The Asterisk project reports: AST-2014-012 - Mixed IP address families in access control lists may permit unwanted traffic. AST-2014-018 - AMI permission escalation through DB dialplan function.

FreeBSD: asterisk -- Multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 4
  • Published: November 20, 2014

The Asterisk project reports: AST-2014-014 - High call load may result in hung channels in ConfBridge. AST-2014-017 - Permission escalation through ConfBridge actions/dialplan functions.

USN-2412-1: Ruby vulnerability Vulnerability

  • Severity: 4
  • Published: November 20, 2014

The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entit...

USN-2413-1: AppArmor vulnerability Vulnerability

  • Severity: 4
  • Published: November 19, 2014

An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Undercertain circumstances, a malicious application could use this flaw to performoperations that are not allowed by AppArmor policy. The flaw may also preventapplications from accessing resources that are allowed by AppArmor policy. The problem can be corrected b...

DSA-3075-1 drupal7 -- security update Vulnerability

  • Severity: 4
  • Published: November 19, 2014

Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues:

FreeBSD: phpMyAdmin -- XSS and information disclosure vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 4
  • Published: November 19, 2014

The phpMyAdmin development team reports: With a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page. With a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages. With a crafted va...

Google Chrome Vulnerability: CVE-2014-7903 Vulnerability

  • Severity: 8
  • Published: November 18, 2014

Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image.

Google Chrome Vulnerability: CVE-2014-7906 Vulnerability

  • Severity: 8
  • Published: November 18, 2014

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime.