Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.5

HIGH

CVE-2015-4648

Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX control in ipropsapivideo in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allows remote attackers to execute arbitrary code via a long string to the MulticastAddr method....

Affected Products : security_api_activex_sdk
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
6.8

MEDIUM

CVE-2015-4647

Multiple stack-based buffer overflows in Ipropsapi in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allow remote attackers to execute arbitrary code via a long string in the (1) FilePassword property or to the (2) GetStringInfo method....

Affected Products : security_api_activex_sdk
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2015-4230

Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91854....

Affected Products : headend_system_release
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
7.9

HIGH

CVE-2015-4034

The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object....

Affected Products : galaxy_s5
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
3.3

LOW

CVE-2015-4033

Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000....

Affected Products : s-beam
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2126

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions....

Affected Products : hp-ux
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2015-2743

PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass....

Affected Products : firefox firefox_esr solaris suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2015-2742

Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream....

Affected Products : firefox macos solaris
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2015-2741

Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass...

Affected Products : firefox firefox_esr solaris
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2740

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspeci...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors....

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2738

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which h...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris linux_enterprise_server suse_linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2737

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified im...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris linux_enterprise_server suse_linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2736

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2735

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive....

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2734

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux solaris linux_enterprise_server suse_linux_enterprise_server linux_enterprise_desktop linux_enterprise_software_development_kit
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2733

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttp...

Affected Products : firefox firefox_esr solaris suse_linux_enterprise_desktop suse_linux_enterprise_server
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
10.0

HIGH

CVE-2015-2731

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging c...

Affected Products : firefox firefox_esr thunderbird solaris
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2015-2730

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which make...

Affected Products : firefox firefox_esr debian_linux solaris network_security_services suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit vm_server
Published: Jul. 06, 2015

Modified: Apr. 12, 2025
5.0

MEDIUM

CVE-2015-2729

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensiti...

Affected Products : firefox firefox_esr thunderbird solaris
Published: Jul. 06, 2015

Modified: Apr. 12, 2025

Showing 20 of 293289 Results

Browse by Apps

Latest CVE Feed

7.5

6.8

7.8

7.9

3.3

7.2

7.5

4.3

4.3

10.0

10.0

10.0

10.0

9.3

9.3

10.0

10.0

10.0

4.3

5.0

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable