canonical

4,251 tracked vulnerabilities.

CVE-2015-8867 HIGH
PHP < 5.4.44 - Insecure Cryptographic Randomness via Deprecated RAND_pseudo_bytes
May 22, 2016
CVSS 7.5
EPSS 0.04
CVE-2015-8866 CRITICAL
PHP < 5.5.22 - XML External Entity Injection via libxml_disable_entity_loader Bypass
May 22, 2016
CVSS 9.6
EPSS 0.04
CVE-2015-8868 HIGH
Fedora - Memory Corruption
May 06, 2016
CVSS 7.8
EPSS 0.05
CVE-2015-8839 MEDIUM
Linux Kernel < 4.4.221 - Denial of Service via ext4 Hole Punching Race Condition
May 02, 2016
CVSS 5.1
EPSS 0.00
CVE-2015-8325 HIGH
OpenSSH <7.2p2 - Privilege Escalation
May 01, 2016
CVSS 7.8
EPSS 0.01
CVE-2015-8812 CRITICAL
Linux Kernel < 4.5 - Use-After-Free in Infiniband Driver
Apr 27, 2016
CVSS 9.8
EPSS 0.15
CVE-2015-5370 MEDIUM
Samba <4.2.11-4.4.2 - DoS/Privilege Escalation
Apr 25, 2016
CVSS 5.9
EPSS 0.19
CVE-2015-7802 MEDIUM
OptiPNG - Denial of Service via Crafted GIF File
Apr 20, 2016
CVSS 5.5
EPSS 0.02
CVE-2015-7801 HIGH
OptiPNG < 0.6.4 - Use-After-Free via Crafted PNG File
Apr 20, 2016
CVSS 8.8
EPSS 0.05
CVE-2015-8779 CRITICAL
Suse Linux Enterprise Debuginfo < 2.22 - Memory Corruption
Apr 19, 2016
CVSS 9.8
EPSS 0.06
CVE-2015-8778 CRITICAL
Fedora < 2.22 - Memory Corruption
Apr 19, 2016
CVSS 9.8
EPSS 0.06
CVE-2015-8776 CRITICAL
Suse Linux Enterprise Debuginfo < 2.22 - Numeric Error
Apr 19, 2016
CVSS 9.1
EPSS 0.05
CVE-2015-7511 LOW
Libgcrypt < 1.6.5 - ECDH Key Extraction via Electromagnetic Side-Channel
Apr 19, 2016
CVSS 2.0
EPSS 0.00
CVE-2015-5247 MEDIUM
libvirt 1.2.14-1.2.19 - Authenticated Denial of Service via virStorageVolCreateXML API
Apr 14, 2016
CVSS 6.5
EPSS 0.01
CVE-2015-8560 HIGH
cups-filters <1.4.0 - Command Injection
Apr 14, 2016
CVSS 7.3
EPSS 0.05
CVE-2015-8806 HIGH
libxml2 < 2.9.4 - Denial of Service via Heap-Based Buffer Over-Read in dict.c
Apr 13, 2016
CVSS 7.5
EPSS 0.05
CVE-2015-3146 HIGH
libssh < 0.6.5 - Denial of Service via Crafted SSH Packet
Apr 13, 2016
CVSS 7.5
EPSS 0.04
CVE-2015-8552 MEDIUM
Xen - Denial of Service via PCI Backend Driver Missing Sanity Checks
Apr 13, 2016
CVSS 4.4
EPSS 0.00
CVE-2015-7545 CRITICAL
Git < 2.3.10, 2.4.x < 2.4.10, 2.5.x < 2.5.4, 2.6.x < 2.6.1 - Remote Code Execution via Remote Helper Protocols
Apr 13, 2016
CVSS 9.8
EPSS 0.20
CVE-2015-7560 MEDIUM
Samba <4.1.23, <4.2.9, <4.3.6, <4.4.0rc4 - Privilege Escalation
Mar 13, 2016
CVSS 6.5
EPSS 0.13
CVE-2015-5351 HIGH
Apache Tomcat <7.0.68, <8.0.31, <9.0.0.M2 - CSRF
Feb 25, 2016
CVSS 8.8
EPSS 0.09
CVE-2015-5346 HIGH
Apache Tomcat <7.0.66, 8.0.30, 9.0.0.M2 - Session Fixation
Feb 25, 2016
CVSS 8.1
EPSS 0.11
CVE-2015-5345 MEDIUM
Apache Tomcat <6.0.45-9.0.0.M2 - Info Disclosure
Feb 25, 2016
CVSS 5.3
EPSS 0.18
CVE-2015-5174 MEDIUM
Apache Tomcat 6.x < 6.0.45, 7.x < 7.0.65, 8.x < 8.0.27 - Directory Traversal via Slash Dot Dot
Feb 25, 2016
CVSS 4.3
EPSS 0.13
CVE-2015-8805 CRITICAL
Nettle < 3.2 - Incorrect Elliptic Curve Output in ecc_256_modq
Feb 23, 2016
CVSS 9.8
EPSS 0.03