Vulnerabilities > Code
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-09 | CVE-2015-2526 | Code vulnerability in Microsoft .Net Framework Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability." | 5.0 |
2015-09-08 | CVE-2015-1841 | Code vulnerability in Redhat Enterprise Virtualization 3.0 The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. | 3.7 |
2015-09-01 | CVE-2015-6736 | Code vulnerability in Quiz Project Quiz The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression. | 5.0 |
2015-09-01 | CVE-2015-6735 | Code vulnerability in Timedmediahandler Project Timedmediahandler The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service (transcode deletion) by resetting a transcode. | 5.0 |
2015-08-31 | CVE-2015-4700 | Code vulnerability in Linux Kernel The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. | 4.9 |
2015-08-31 | CVE-2015-3291 | Code vulnerability in Linux Kernel arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI. | 2.1 |
2015-08-31 | CVE-2014-9731 | Code vulnerability in Linux Kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c. | 2.1 |
2015-08-28 | CVE-2015-2987 | Code vulnerability in Type74 ED Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits. | 2.6 |
2015-08-26 | CVE-2015-4037 | Code vulnerability in Qemu The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. | 1.9 |
2015-08-18 | CVE-2015-5505 | Code vulnerability in Codfront Labs Http Strict Transport Security The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS policy to not be applied to subdomains and allows man-in-the-middle attackers to have unspecified impact via unknown vectors. | 6.8 |