Filtered by vendor Oracle
Subscriptions
Filtered by product Linux
Subscriptions
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7977 | 9 Canonical, Debian, Fedoraproject and 6 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-20 | 5.9 Medium |
| ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | ||||
| CVE-2015-7691 | 5 Debian, Netapp, Ntp and 2 more | 14 Debian Linux, Clustered Data Ontap, Data Ontap and 11 more | 2025-04-20 | 7.5 High |
| The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | ||||
| CVE-2015-3811 | 3 Oracle, Redhat, Wireshark | 4 Linux, Solaris, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. | ||||
| CVE-2015-3812 | 3 Oracle, Redhat, Wireshark | 4 Linux, Solaris, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. | ||||
| CVE-2014-8566 | 3 Oracle, Redhat, Uninett | 3 Linux, Enterprise Linux, Mod Auth Mellon | 2025-04-12 | N/A |
| The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory." | ||||
| CVE-2016-1958 | 4 Mozilla, Opensuse, Oracle and 1 more | 4 Firefox, Opensuse, Linux and 1 more | 2025-04-12 | N/A |
| browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL. | ||||
| CVE-2016-1961 | 5 Mozilla, Opensuse, Oracle and 2 more | 7 Firefox, Thunderbird, Leap and 4 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | ||||
| CVE-2016-1965 | 4 Mozilla, Opensuse, Oracle and 1 more | 4 Firefox, Opensuse, Linux and 1 more | 2025-04-12 | N/A |
| Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property. | ||||
| CVE-2016-2791 | 6 Mozilla, Opensuse, Oracle and 3 more | 7 Firefox, Leap, Opensuse and 4 more | 2025-04-12 | N/A |
| The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | ||||
| CVE-2016-2793 | 6 Mozilla, Opensuse, Oracle and 3 more | 7 Firefox, Leap, Opensuse and 4 more | 2025-04-12 | N/A |
| CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | ||||
| CVE-2016-1957 | 5 Mozilla, Novell, Opensuse and 2 more | 7 Firefox, Thunderbird, Suse Package Hub For Suse Linux Enterprise and 4 more | 2025-04-12 | N/A |
| Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. | ||||
| CVE-2016-3606 | 2 Oracle, Redhat | 5 Jdk, Jre, Linux and 2 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. | ||||
| CVE-2016-4554 | 4 Canonical, Oracle, Redhat and 1 more | 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue. | ||||
| CVE-2016-4553 | 4 Canonical, Oracle, Redhat and 1 more | 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request. | ||||
| CVE-2015-2189 | 6 Debian, Mageia, Opensuse and 3 more | 7 Debian Linux, Mageia, Opensuse and 4 more | 2025-04-12 | N/A |
| Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. | ||||
| CVE-2014-3145 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | N/A |
| The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. | ||||
| CVE-2015-0275 | 3 Linux, Oracle, Redhat | 5 Linux Kernel, Linux, Enterprise Linux and 2 more | 2025-04-12 | N/A |
| The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. | ||||
| CVE-2016-0617 | 1 Oracle | 1 Linux | 2025-04-12 | N/A |
| Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors. | ||||
| CVE-2015-2188 | 6 Debian, Mageia, Opensuse and 3 more | 7 Debian Linux, Mageia, Opensuse and 4 more | 2025-04-12 | N/A |
| epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression. | ||||
| CVE-2016-5259 | 3 Mozilla, Oracle, Redhat | 3 Firefox, Linux, Enterprise Linux | 2025-04-12 | N/A |
| Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop. | ||||