Displaying vulnerability details 1 - 10 of 52533 in total

FreeBSD: phpMyAdmin -- XSS vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 4
  • Published: August 16, 2014

The phpMyAdmin development team reports: Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages. With a crafted database, table or a primary/unique key column name it is possible to trigger an XSS when dropping a row from the table. With a crafted column...

USN-2315-1: serf vulnerability Vulnerability

  • Severity: 4
  • Published: August 13, 2014

Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. The problem can be corrected by updating your system to the followin...

USN-2310-1: Kerberos vulnerabilities Vulnerability

  • Severity: 9
  • Published: August 13, 2014

Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitra...

DSA-3005-1 gpgme1.0 -- security update Vulnerability

  • Severity: 4
  • Published: August 13, 2014

Tomáš Trnka discovered a heap-based buffer overflow within the gpgsm status handler of GPGME, a library designed to make access to GnuPG easier for applications. An attacker could use this issue to cause an application using GPGME to crash (denial of service) or possibly to execute arbitrary code.

Google Chrome Vulnerability: CVE-2014-3165 Vulnerability

  • Severity: 8
  • Published: August 12, 2014

Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a tempo...

Google Chrome Vulnerability: CVE-2014-3167 Vulnerability

  • Severity: 8
  • Published: August 12, 2014

Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Google Chrome Vulnerability: CVE-2014-3166 Vulnerability

  • Severity: 5
  • Published: August 12, 2014

The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names.

ELSA-2014-1052 Moderate: Oracle Linux 7 openssl security update Vulnerability

  • Severity: 7
  • Published: August 12, 2014

Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending El...

Security update for Adobe AIR (CVE-2014-0540) Vulnerability

  • Severity: 10
  • Published: August 11, 2014

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses,...