Export limit exceeded: 366485 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10707 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10707 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-1528 | 7 Canonical, Fedoraproject, Microsoft and 4 more | 8 Ubuntu Linux, Fedora, Windows and 5 more | 2025-04-12 | N/A |
| The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. | ||||
| CVE-2014-1542 | 4 Mozilla, Opensuse, Opensuse Project and 1 more | 4 Firefox, Opensuse, Opensuse and 1 more | 2025-04-12 | N/A |
| Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate. | ||||
| CVE-2014-1561 | 2 Mozilla, Oracle | 2 Firefox, Solaris | 2025-04-12 | N/A |
| Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | ||||
| CVE-2014-1563 | 3 Mozilla, Opensuse, Oracle | 5 Firefox, Thunderbird, Evergreen and 2 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection. | ||||
| CVE-2014-1737 | 5 Debian, Linux, Oracle and 2 more | 12 Debian Linux, Linux Kernel, Linux and 9 more | 2025-04-12 | N/A |
| The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. | ||||
| CVE-2014-1738 | 5 Debian, Linux, Oracle and 2 more | 12 Debian Linux, Linux Kernel, Linux and 9 more | 2025-04-12 | N/A |
| The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. | ||||
| CVE-2015-4801 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality via unknown vectors related to Solaris Kernel Zones. | ||||
| CVE-2014-2397 | 4 Canonical, Debian, Oracle and 1 more | 7 Ubuntu Linux, Debian Linux, Jdk and 4 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
| CVE-2014-2398 | 6 Canonical, Debian, Ibm and 3 more | 12 Ubuntu Linux, Debian Linux, Forms Viewer and 9 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. | ||||
| CVE-2014-2399 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400. | ||||
| CVE-2014-2400 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399. | ||||
| CVE-2014-2401 | 4 Ibm, Microsoft, Oracle and 1 more | 8 Forms Viewer, Windows, Javafx and 5 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||||
| CVE-2014-2402 | 3 Canonical, Oracle, Redhat | 6 Ubuntu Linux, Jdk, Jre and 3 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455. | ||||
| CVE-2014-2403 | 4 Canonical, Debian, Oracle and 1 more | 7 Ubuntu Linux, Debian Linux, Jdk and 4 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP. | ||||
| CVE-2014-2404 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate. | ||||
| CVE-2014-2405 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Openjdk | 2025-04-12 | N/A |
| Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. | ||||
| CVE-2014-2406 | 1 Oracle | 1 Database Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges. | ||||
| CVE-2014-2407 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-2417, and CVE-2014-2418. | ||||
| CVE-2014-2408 | 1 Oracle | 1 Database Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege." | ||||
| CVE-2014-2453 | 1 Oracle | 1 Hyperion | 2025-04-12 | N/A |
| Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to User Interface. | ||||