CVEs (1,454)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Debian OpensuseOracle3Debian Linux OpensuseVm VirtualboxMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Cor...Show more |
6Canonical DebianNovell+3 more8Debian Linux Enterprise LinuxJdk+5 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS. |
3Gnu OpensuseOracle3Opensuse PatchSolarisMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. |
6Canonical DebianNovell+3 more9Debian Linux Enterprise LinuxJdk+6 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affe...Show more |
6Canonical DebianNovell+3 more8Debian Linux Enterprise LinuxJdk+5 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. |
4Canonical NovellOpensuse+1 more6Jdk JreOpensuse+3 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. |
6Canonical DebianNovell+3 more7Debian Linux Enterprise LinuxJdk+4 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
7Canonical DebianFedoraproject+4 more10Debian Linux Enterprise LinuxFedora+7 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 5.4 MEDIUM· v2 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related...Show more |
3Debian OpensuseOracle3Debian Linux OpensuseVm VirtualboxMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Cor...Show more |
6Canonical DebianNovell+3 more8Debian Linux Enterprise LinuxJdk+5 moreMay 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics dev...Show more |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics dev...Show more |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics dev...Show more |
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics dev...Show more |
4Fedoraproject OpensuseOracle+1 more4Fedora OpensusePillow+1 moreMay 6, 2026 Jan 16, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed. |
5Canonical DebianLibsndfile Project+2 more5Debian Linux LibsndfileOpensuse+2 moreMay 6, 2026 Jan 16, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. |
Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo....Show more |
Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process...Show more |
2Mozilla Opensuse3Firefox OpensuseSeamonkeyMay 6, 2026 Jan 14, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive info...Show more |
2Mozilla Opensuse3Firefox OpensuseSeamonkeyMay 6, 2026 Jan 14, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows...Show more |