CVE-2023-4911

all versions

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment varia

7.8HIGH

CVE-2019-5544

all versions

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issu

9.8CRITICAL

CVE-2019-11043

all versions

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possibl

8.7HIGH

CVE-2019-14816

all versions

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel,

7.8HIGH

CVE-2019-6454

all versions

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-len

5.5MEDIUM

CVE-2018-16866

all versions

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A loca

3.3LOW

CVE-2017-15129

all versions

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_ne

4.7MEDIUM

CVE-2017-12617

all versions

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs ena

8.1HIGH

CVE-2017-12615

all versions

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation paramet

8.1HIGH

CVE-2016-2818

all versions

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow r

8.8HIGH

CVE-2016-3718

all versions

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-sid

5.5MEDIUM

CVE-2016-3715

all versions

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a

5.5MEDIUM

CVE-2015-4170

all versions

Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows l

4.7MEDIUM

CVE-2015-4902

all versions

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors

5.3MEDIUM

CVE-2015-3214

all versions

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths a

CVE-2015-5165

all versions

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote at

CVE-2015-2590

all versions

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to af

9.8CRITICAL

CVE-2014-7169

all versions

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environme

9.8CRITICAL

CVE-2014-6271

all versions

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows re

9.8CRITICAL

CVE-2013-1675

all versions

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do

6.5MEDIUM