Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-1930

Summary
Assigner-mozilla
Assigner Org ID-f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At-31 Jan, 2016 | 18:00
Updated At-05 Aug, 2024 | 23:10
Rejected At-
Credits

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mozilla
Assigner Org ID:f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At:31 Jan, 2016 | 18:00
Updated At:05 Aug, 2024 | 23:10
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.debian.org/security/2016/dsa-3457
vendor-advisory
x_refsource_DEBIAN
http://www.debian.org/security/2016/dsa-3491
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
vendor-advisory
x_refsource_SUSE
https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
x_refsource_CONFIRM
http://www.securitytracker.com/id/1034825
vdb-entry
x_refsource_SECTRACK
https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2016-0071.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2880-1
vendor-advisory
x_refsource_UBUNTU
http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2880-2
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2016-0258.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2904-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
x_refsource_CONFIRM
http://www.securityfocus.com/bid/81953
vdb-entry
x_refsource_BID
https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201605-06
vendor-advisory
x_refsource_GENTOO
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
vendor-advisory
x_refsource_SUSE
https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2016/dsa-3457
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.debian.org/security/2016/dsa-3491
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1034825
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0071.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2880-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2880-2
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0258.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/USN-2904-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/81953
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
Resource:
x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/201605-06
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.debian.org/security/2016/dsa-3457
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.debian.org/security/2016/dsa-3491
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id/1034825
vdb-entry
x_refsource_SECTRACK
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
x_refsource_CONFIRM
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
x_refsource_CONFIRM
x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0071.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2880-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2880-2
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
x_refsource_CONFIRM
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
x_refsource_CONFIRM
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0258.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/USN-2904-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/81953
vdb-entry
x_refsource_BID
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
x_refsource_CONFIRM
x_transferred
https://security.gentoo.org/glsa/201605-06
vendor-advisory
x_refsource_GENTOO
x_transferred
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
x_refsource_CONFIRM
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
x_refsource_CONFIRM
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2016/dsa-3457
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.debian.org/security/2016/dsa-3491
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id/1034825
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0071.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2880-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2880-2
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0258.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2904-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/81953
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201605-06
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mozilla.org
Published At:31 Jan, 2016 | 18:59
Updated At:12 Apr, 2025 | 10:46

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Mozilla Corporation
mozilla
>>firefox>>Versions up to 43.0.4(inclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>linux>>5.0
cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>linux>>6
cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>linux>>7
cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.0
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.1.0
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.2.0
cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.3.0
cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.4.0
cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>firefox>>38.5.0
cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
openSUSE
opensuse
>>leap>>42.1
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>13.2
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.htmlsecurity@mozilla.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.htmlsecurity@mozilla.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.htmlsecurity@mozilla.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.htmlsecurity@mozilla.org
N/A
http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.htmlsecurity@mozilla.org
N/A
http://rhn.redhat.com/errata/RHSA-2016-0071.htmlsecurity@mozilla.org
N/A
http://rhn.redhat.com/errata/RHSA-2016-0258.htmlsecurity@mozilla.org
N/A
http://www.debian.org/security/2016/dsa-3457security@mozilla.org
N/A
http://www.debian.org/security/2016/dsa-3491security@mozilla.org
N/A
http://www.mozilla.org/security/announce/2016/mfsa2016-01.htmlsecurity@mozilla.org
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlsecurity@mozilla.org
Third Party Advisory
http://www.securityfocus.com/bid/81953security@mozilla.org
N/A
http://www.securitytracker.com/id/1034825security@mozilla.org
N/A
http://www.ubuntu.com/usn/USN-2880-1security@mozilla.org
N/A
http://www.ubuntu.com/usn/USN-2880-2security@mozilla.org
N/A
http://www.ubuntu.com/usn/USN-2904-1security@mozilla.org
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1221385security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1223670security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1224200security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230483security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230639security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230668security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230686security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233152security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233346security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233925security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1234280security@mozilla.org
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1234571security@mozilla.org
Issue Tracking
https://security.gentoo.org/glsa/201605-06security@mozilla.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2016-0071.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2016-0258.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2016/dsa-3457af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2016/dsa-3491af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mozilla.org/security/announce/2016/mfsa2016-01.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/81953af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1034825af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2880-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2880-2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2904-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1221385af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1223670af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1224200af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230483af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230639af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230668af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1230686af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233152af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233346af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1233925af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1234280af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1234571af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
https://security.gentoo.org/glsa/201605-06af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
Source: security@mozilla.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
Source: security@mozilla.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
Source: security@mozilla.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0071.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0258.html
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3457
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3491
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
Source: security@mozilla.org
Resource:
Vendor Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Source: security@mozilla.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/81953
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1034825
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2880-1
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2880-2
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2904-1
Source: security@mozilla.org
Resource: N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
Source: security@mozilla.org
Resource:
Issue Tracking
Hyperlink: https://security.gentoo.org/glsa/201605-06
Source: security@mozilla.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0071.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0258.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3457
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3491
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mozilla.org/security/announce/2016/mfsa2016-01.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/81953
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1034825
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2880-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2880-2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2904-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1221385
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1223670
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1224200
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230483
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230639
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230668
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1230686
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233152
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1233925
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234280
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1234571
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Hyperlink: https://security.gentoo.org/glsa/201605-06
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

3427Records found
CVE-2015-4915
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.47% / 84.66%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Management.

Action-Not Available
Vendor-n/aOracle Corporation
Product-oracle_and_sun_systems_product_suiten/a
CVE-2018-11218
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-16.21% / 94.56%
||
7 Day CHG~0.00%
Published-17 Jun, 2018 | 17:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

Action-Not Available
Vendor-n/aOracle CorporationRed Hat, Inc.Redis Inc.Debian GNU/Linux
Product-rediscommunications_operations_monitordebian_linuxopenstackn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-5123
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-45.20% / 97.51%
||
7 Day CHG~0.00%
Published-14 Jul, 2015 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-04||The impacted product is end-of-life and should be disconnected if still in use.

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

Action-Not Available
Vendor-n/aMicrosoft CorporationRed Hat, Inc.Adobe Inc.SUSEApple Inc.Linux Kernel Organization, IncopenSUSE
Product-flash_playerenterprise_linux_serverlinux_kernelmacosevergreenenterprise_linux_desktopenterprise_linux_server_eusflash_player_desktop_runtimewindowsenterprise_linux_workstationlinux_enterprise_desktoplinux_enterprise_workstation_extensionn/aFlash Player
CWE ID-CWE-416
Use After Free
CVE-2007-5561
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.65% / 87.41%
||
7 Day CHG~0.00%
Published-18 Oct, 2007 | 20:00
Updated-17 Sep, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure.

Action-Not Available
Vendor-n/aOracle Corporation
Product-opmn_daemonenterprise_grid_console_servern/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2015-4760
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.69% / 92.13%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-5122
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-92.38% / 99.72%
||
7 Day CHG~0.00%
Published-14 Jul, 2015 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-04||The impacted product is end-of-life and should be disconnected if still in use.

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

Action-Not Available
Vendor-n/aMicrosoft CorporationRed Hat, Inc.Adobe Inc.SUSEApple Inc.Linux Kernel Organization, IncopenSUSE
Product-flash_playerenterprise_linux_serverwindows_8linux_kernellinux_enterprise_workstation_extensionmacosflash_player_desktop_runtimeenterprise_linux_desktopenterprise_linux_server_eusevergreenenterprise_linux_workstationlinux_enterprise_desktopwindowswindows_8.1n/aFlash Player
CWE ID-CWE-416
Use After Free
CVE-2007-5530
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.39%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 23:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CVE-2015-4843
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-22.06% / 95.57%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2020-2801
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-9.23% / 92.40%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-30 Sep, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jdkweblogic_serverWebLogic Server
CVE-2015-5130
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-52.98% / 97.87%
||
7 Day CHG~0.00%
Published-14 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncApple Inc.Microsoft Corporation
Product-airflash_playerlinux_kernelevergreenair_sdkair_sdk_\&_compilerwindowsmac_os_xn/a
CVE-2015-4883
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.74% / 92.16%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2020-2555
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.16% / 99.79%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-healthcare_data_repositoryaccess_managercommerce_platformretail_assortment_planningcommunications_diameter_signaling_routerwebcenter_portalutilities_frameworkrapid_planningcoherenceUtilities FrameworkWebCenter PortalMultiple Products
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2015-5119
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-93.23% / 99.79%
||
7 Day CHG~0.00%
Published-08 Jul, 2015 | 14:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||The impacted product is end-of-life and should be disconnected if still in use.

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

Action-Not Available
Vendor-n/aMicrosoft CorporationRed Hat, Inc.Adobe Inc.SUSEApple Inc.Linux Kernel Organization, IncopenSUSE
Product-enterprise_linux_serverevergreenflash_playeropensuseenterprise_linux_server_auslinux_kernelmac_os_xwindowsenterprise_linux_desktopenterprise_linux_server_from_rhuilinux_enterprise_desktoplinux_enterprise_workstation_extensionenterprise_linux_eusenterprise_linux_workstationn/aFlash Player
CWE ID-CWE-416
Use After Free
CVE-2007-5526
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.39%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 23:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11.

Action-Not Available
Vendor-n/aOracle Corporation
Product-collaboration_suiteapplication_servern/a
CVE-2007-5531
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.13% / 83.49%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 23:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_serverdatabase_serverenterprise_managern/a
CVE-2004-0764
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.54% / 84.89%
||
7 Day CHG~0.00%
Published-03 Aug, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-mozillafirefoxthunderbirdn/a
CVE-2017-5433
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.02% / 83.01%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-21 Oct, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2017-5404
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-29.63% / 96.46%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2004-0902
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-18.82% / 95.05%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

Action-Not Available
Vendor-conectivan/aRed Hat, Inc.Mozilla CorporationSUSE
Product-thunderbirdmozillaenterprise_linux_desktopsuse_linuxfedora_corelinuxenterprise_linuxlinux_advanced_workstationn/a
CVE-2015-5134
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-52.98% / 97.87%
||
7 Day CHG~0.00%
Published-14 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncApple Inc.Microsoft Corporation
Product-airflash_playerlinux_kernelevergreenair_sdkair_sdk_\&_compilerwindowsmac_os_xn/a
CVE-2015-5127
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-52.98% / 97.87%
||
7 Day CHG~0.00%
Published-14 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Action-Not Available
Vendor-n/aAdobe Inc.openSUSELinux Kernel Organization, IncApple Inc.Microsoft Corporation
Product-airflash_playerlinux_kernelevergreenair_sdkair_sdk_\&_compilerwindowsmac_os_xn/a
CVE-2020-2551
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-94.39% / 99.97%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-12-07||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic ServerFusion Middleware
CVE-2015-4839
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.71% / 85.35%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vulnerability than CVE-2015-4798.

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suiten/a
CVE-2015-4733
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.84% / 94.27%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4881
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.29% / 91.29%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4731
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.69% / 92.61%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4732
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.87% / 94.27%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4798
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.71% / 85.35%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vulnerability than CVE-2015-4839.

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suiten/a
CVE-2020-2546
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-29.69% / 96.47%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Sep, 2024 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container - JavaEE). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CVE-2018-1000120
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.39% / 79.56%
||
7 Day CHG~0.00%
Published-14 Mar, 2018 | 18:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle CorporationCanonical Ltd.Red Hat, Inc.CURL
Product-enterprise_linux_serverubuntu_linuxcommunications_webrtc_session_controllerdebian_linuxpeoplesoft_enterprise_peopletoolsenterprise_linux_workstationcurlenterprise_linux_desktopenterprise_manager_ops_centern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2007-2133
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprisen/a
CVE-2007-2127
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.39%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) Applications Manager (APPS10), and (7) Oracle Report Manager (APPS03).

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suiten/a
CVE-2007-2125
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka OCS01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-collaboration_suiten/a
CVE-2015-0469
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.20% / 92.40%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2015-4844
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-16.77% / 94.68%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2007-2132
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.03% / 76.45%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 has unknown impact and attack vectors, aka PSE02.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_enterprisen/a
CVE-2015-4835
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.77% / 89.04%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2007-2126
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.06% / 76.72%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02).

Action-Not Available
Vendor-n/aOracle Corporation
Product-e-business_suiten/a
CVE-2007-2176
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.68% / 85.26%
||
7 Day CHG~0.00%
Published-24 Apr, 2007 | 16:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CVE-2015-4479
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-4.23% / 88.32%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSECanonical Ltd.
Product-firefoxopensuseubuntu_linuxn/a
CVE-2007-1794
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.32% / 86.75%
||
7 Day CHG~0.00%
Published-02 Apr, 2007 | 22:00
Updated-07 Aug, 2024 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Mozilla Corporation
Product-sunosmozillasolarisn/a
CVE-2007-2122
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_servern/a
CVE-2017-5390
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.71% / 85.33%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopThunderbirdFirefox ESRFirefox
CVE-2015-0353
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-4.16% / 88.23%
||
7 Day CHG~0.00%
Published-14 Apr, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncopenSUSESUSERed Hat, Inc.Apple Inc.Microsoft Corporation
Product-flash_playerenterprise_linux_workstation_supplementarylinux_kernelopensuseenterprise_linux_server_supplementarysuse_linux_enterprise_desktopwindowsenterprise_linux_server_supplementary_eussuse_linux_workstation_extensionmac_os_xenterprise_linux_desktop_supplementaryn/a
CVE-2007-2129
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-18 Apr, 2007 | 18:00
Updated-07 Aug, 2024 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-enterprise_managern/a
CVE-2015-4497
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||HIGH
EPSS-3.04% / 86.15%
||
7 Day CHG~0.00%
Published-29 Aug, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CVE-2003-1042
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.61%
||
7 Day CHG~0.00%
Published-03 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-bugzillan/a
CVE-2017-7818
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.00% / 92.28%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_desktopFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2017-7800
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.64% / 89.99%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2017-7819
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.00% / 92.28%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_desktopFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 7
  • 8
  • 9
  • ...
  • 68
  • 69
  • Next
Details not found