Total
10626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3092 | 1 Google | 1 Chrome | 2017-12-29 | 10.0 HIGH | N/A |
| The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2017-13858 | 1 Apple | 1 Mac Os X | 2017-12-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2017-13848 | 1 Apple | 1 Mac Os X | 2017-12-28 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2014-1539 | 2 Apple, Mozilla | 3 Mac Os X, Firefox, Thunderbird | 2017-12-28 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image. | |||||
| CVE-2017-10897 | 1 Buffalo | 4 Bbr-4hg, Bbr-4hg Firmware, Bbr-4mg and 1 more | 2017-12-20 | 5.5 MEDIUM | 4.5 MEDIUM |
| Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors. | |||||
| CVE-2017-14914 | 1 Google | 1 Android | 2017-12-20 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale. | |||||
| CVE-2017-14909 | 1 Google | 1 Android | 2017-12-19 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated. | |||||
| CVE-2017-14908 | 1 Google | 1 Android | 2017-12-19 | 10.0 HIGH | 9.8 CRITICAL |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify. | |||||
| CVE-2017-0878 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291. | |||||
| CVE-2017-0877 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937. | |||||
| CVE-2017-0876 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675. | |||||
| CVE-2017-0872 | 1 Google | 1 Android | 2017-12-19 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323. | |||||
| CVE-2017-0874 | 1 Google | 1 Android | 2017-12-19 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63315932. | |||||
| CVE-2017-0873 | 1 Google | 1 Android | 2017-12-19 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63316255. | |||||
| CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
| CVE-2017-13148 | 1 Google | 1 Android | 2017-12-18 | 7.1 HIGH | 6.5 MEDIUM |
| A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533. | |||||
| CVE-2014-2668 | 1 Apache | 1 Couchdb | 2017-12-16 | 5.0 MEDIUM | N/A |
| Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids. | |||||
| CVE-2014-1985 | 1 Redmine | 1 Redmine | 2017-12-16 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine before 2.4.5 and 2.5.x before 2.5.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the back url (back_url parameter). | |||||
| CVE-2014-0106 | 2 Apple, Todd Miller | 2 Mac Os X, Sudo | 2017-12-16 | 6.6 MEDIUM | N/A |
| Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. | |||||
| CVE-2014-0086 | 1 Redhat | 2 Jboss Web Framework Kit, Richfaces | 2017-12-16 | 4.3 MEDIUM | N/A |
| The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests. | |||||