The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptio...

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or ca...

Buffer overflow in the redirection functionality in Cisco Wireless LAN Controller (WLC) Software 7.2 through 7.4 before 7.4.140.0(MD) and 7.5 through 8.0 before 8.0.115.0(ED) allows remote attackers t...

In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers t...

The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system c...

XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary file...

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer ...

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properl...

Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be S...

WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Interne...

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML obje...

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 s...

Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote ...

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS...

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on...

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS ...

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attac...

A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco Quant...

A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Em...

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerabil...