Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 1 - 10 of 55218 in total

DSA-3083-1 mutt -- security update Vulnerability

  • Severity: 4
  • Published: November 29, 2014

A flaw was discovered in mutt, a text-based mailreader. A specially crafted mail header could cause mutt to crash, leading to a denial of service condition.

USN-2427-1: Libksba vulnerability Vulnerability

  • Severity: 4
  • Published: November 26, 2014

Hanno Böck discovered that Libksba incorrectly handled certain S/MIMEmessages or ECC based OpenPGP data. An attacker could use this issue tocause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code. The problem can be corrected by updating your system to the following package version: To update your sy...

DSA-3078-1 libksba -- security update Vulnerability

  • Severity: 4
  • Published: November 26, 2014

An integer underflow flaw, leading to a heap-based buffer overflow, was found in the ksba_oid_to_str() function of libksba, an X.509 and CMS (PKCS#7) library. By using special crafted S/MIME messages or ECC based OpenPGP data, it is possible to create a buffer overflow, which could cause an application using libksba to crash (denial of s...

SUSE Linux Security Advisory: CVE-2014-8716 Vulnerability

  • Severity: 4
  • Published: November 26, 2014

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

USN-2423-1: ClamAV vulnerabilities Vulnerability

  • Severity: 4
  • Published: November 25, 2014

Kurt Seifried discovered that ClamAV incorrectly handled certain JavaScriptfiles. An attacker could possibly use this issue to cause ClamAV to crash,resulting in a denial of service, or possibly execute arbitrary code.(CVE-2013-6497) Damien Millescamp discovered that ClamAV incorrectly handled certain PEfiles. An attacker could possibly ...

Amazon Linux AMI: Security patch for docker (ALAS-2014-454) (multiple CVEs) Vulnerability

  • Severity: 4
  • Published: November 25, 2014

Docker versions 1.3.0 through 1.3.1 allowed security options to be applied to images, allowing images to modify the default run profile of containers executing these images. This vulnerability could allow a malicious image creator to loosen the restrictions applied to a container's processes, potentially facilitating a break-out. (CVE-2...

USN-2426-1: FLAC vulnerabilities Vulnerability

  • Severity: 8
  • Published: November 25, 2014

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

DSA-3082-1 flac -- security update Vulnerability

  • Severity: 8
  • Published: November 25, 2014

Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

APSB14-26: Security updates available for Adobe Flash Player (CVE-2014-8439) Vulnerability

  • Severity: 4
  • Published: November 24, 2014

Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference...