Select Database
  • Vulnerability Database
  • Metasploit Modules
  • All

Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.
Or, Browse latest vulnerabilities or latest modules

Displaying vulnerability details 1 - 10 of 45855 in total


Back to search

DSA-2902-1 curl -- security update Vulnerability

  • Severity: 4
  • Published: April 13, 2014

Two vulnerabilities have been discovered in cURL, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-2900-1 jbigkit -- security update Vulnerability

  • Severity: 4
  • Published: April 11, 2014

Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.

Google Chrome Vulnerability: CVE-2014-1718 Vulnerability

  • Severity: 8
  • Published: April 09, 2014

Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of...

Google Chrome Vulnerability: CVE-2014-1717 Vulnerability

  • Severity: 8
  • Published: April 09, 2014

Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.

Google Chrome Vulnerability: CVE-2014-1716 Vulnerability

  • Severity: 8
  • Published: April 09, 2014

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

DSA-2898-1 imagemagick -- security update Vulnerability

  • Severity: 4
  • Published: April 09, 2014

Several buffer overflows were found in Imagemagick, a suite of image manipulation programs. Processing malformed PSD files could lead to the execution of arbitrary code.

DSA-2901-1 wordpress -- security update Vulnerability

  • Severity: 6
  • Published: April 09, 2014

The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.

DSA-2899-1 openafs -- security update Vulnerability

  • Severity: 4
  • Published: April 09, 2014

Michael Meffie discovered that in OpenAFS, a distributed filesystem, an attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the fileserver, and potentially permitting the execution of arbitrary code.

Google Chrome Vulnerability: CVE-2014-1720 Vulnerability

  • Severity: 8
  • Published: April 09, 2014

Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes.