| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure before 2.0.2, ZendService_Amazon before 2.0.3, and ZendService_Api before 1.0.0 allow remote attackers to cause a denial of service (CPU consumption) via (1) recursive or (2) circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack. NOTE: this issue exists because of an incomplete fix for CVE-2012-6532. |
| EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbitrary code via a crafted URI. |
| Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request. |
| Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments. |
| The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote attackers to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demonstrated by the CAS and URL Login modules. |
| The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. |
| The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors. |
| Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing. |
| Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method. |
| GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. |
| Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356. |
| The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. |
| service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452. |
| The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key. |
| The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript. |
| Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter. |
| Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. |
| IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to cause a denial of service (web-service outage) by making many login attempts with a valid caseworker account name. |
| The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. |
| Use-after-free vulnerability in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. |
